EUVD-2020-6453

Malware in sbrugna...

Fedora 35 : python-virtualbmc (2022-42723b43fe)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-42723b43fe advisory. Security fix for CVE-2022-44020 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Fedora 36 : python-virtualbmc (2022-72b8efd577)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-72b8efd577 advisory. Security fix for CVE-2022-44020 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

CVE-2022-44020

A flaw was found in sushy-tools & VirtualBMC, where changing the boot device configuration removes password protection from the managed libvirt XML domain...

GHSA-5PJ3-6FQM-8M7M OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

CVE-2022-44020

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

CVE-2022-44020

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

Design/Logic Flaw

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

OpenStack 安全漏洞

OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. A security vulnerability exists in OpenStack Sushy-Tools 0.21.0 and earlier and VirtualBMC 2.2.2 and earlier, which stems from the fact that changing the boot device configuration with thes...

CVE-2022-44020

CVE-2022-44020 affects OpenStack Sushy-Tools up to 0.21.0 and VirtualBMC up to 2.2.2. The issue occurs when changing the boot device configuration, which removes password protection from the managed libvirt XML domain. This risk is disclosed as affecting an "unsupported, production-like configura...

openSUSE Security Update : qemu (openSUSE-2018-996)

This update for qemu fixes the following issues : This security issue was fixed : - CVE-2018-12617: qmpguestfileread had an integer overflow that could have been exploited by sending a crafted QMP command including guest-file-read with a large count value to the agent via the listening socket...

Security update for qemu (moderate)

This update for qemu fixes the following issues: This security issue was fixed: - CVE-2018-12617: qmpguestfileread had an integer overflow that could have been exploited by sending a crafted QMP command including guest-file-read with a large count value to the agent via the listening socket causi...

CVE-2014-0179

libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service read block and hang via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the 1 virConnectCompareCPU or 2 virConnectBaselineCPU API method, relate...