Lucene search
K

46 matches found

OSV
OSV
added 2017/11/27 4:29 p.m.52 views

UBUNTU-CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

8.1CVSS7.2AI score0.01506EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/10/30 12:0 a.m.27 views

openSUSE Security Update : libvirt (openSUSE-2017-1213)

This update for libvirt fixes the following issues : Security issue fixed : - CVE-2017-1000256: Ensure TLS clients always verify the server certificate in the serial/TLS support. bsc1062563 Non security issue fixed : - libvirt-daemon-qemu requires libvirt-daemon-driver-storage bsc1062620 This...

8.1CVSS7.1AI score0.017EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/10/26 12:0 a.m.31 views

SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2017:2850-1)

This update for libvirt fixes the following issues: Security issue fixed : - CVE-2017-1000256: Ensure TLS clients always verify the server certificate in the serial/TLS support. bsc1062563 Non security issue fixed : - libvirt-daemon-qemu requires libvirt-daemon-driver-storage bsc1062620 Note that...

8.1CVSS7.1AI score0.017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/06/20 12:23 p.m.2 views

rhosp-director: libvirtd is deployed with no authentication

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...

10CVSS5.8AI score0.04783EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2017/06/19 2:45 p.m.6 views

rhosp-director: libvirtd is deployed with no authentication

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...

10CVSS5.8AI score0.04783EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2016/11/03 8:7 a.m.5 views

libvirt: Ceph id/key leaked in the process list

It was found that the libvirt daemon, when using RBD RADOS Block Device, leaked private credentials to the process list. A local attacker could use this flaw to perform certain privileged operations within the cluster...

5.5CVSS7.3AI score0.0041EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/12/22 12:0 a.m.12 views

Scientific Linux Security Update : netcf on SL7.x x86_64 (20151119)

A denial of service flaw was found in netcf. A specially crafted interface name could cause an application using netcf such as the libvirt daemon to crash. CVE-2014-8119 The netcf packages have been upgraded to upstream version 0.2.8, which provides a number of bug fixes and enhancements over the...

7.5CVSS7.2AI score0.02672EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/11/19 4:11 a.m.4 views

netcf: augeas path expression injection via interface name

A denial of service flaw was found in netcf. A specially crafted interface name could cause an application using netcf such as the libvirt daemon to crash...

7.5CVSS7.1AI score0.02672EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/07/22 12:0 a.m.4 views

netcf: augeas path expression injection via interface name

A denial of service flaw was found in netcf. A specially crafted interface name could cause an application using netcf such as the libvirt daemon to crash...

7.5CVSS7AI score0.02672EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2015/06/01 12:0 a.m.6 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-driver-interface-1.1.1 package on the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/06/01 12:0 a.m.7 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-config-network-1.1.1 package for the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/06/01 12:0 a.m.7 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-1.1.1 package of the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/06/01 12:0 a.m.6 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-kvm-1.1.1 package in the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/06/01 12:0 a.m.5 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-lxc-1.1.1 package of the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/06/01 12:0 a.m.4 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-driver-secret-1.1.1 package for the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/06/01 12:0 a.m.4 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-driver-nodedev-1.1.1 package for the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-1.1.1 package on the CentOS operating system can lead to violations of confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-lxc-1.1.1 package from the CentOS operating system can lead to a violation of the confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-kvm-1.1.1 package on the CentOS operating system can lead to violations of confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the libvirt-daemon-driver-interface-1.1.1 package on the CentOS operating system can lead to violations of confidentiality and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.7AI score0.01905EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder