Lucene search
K

3825 matches found

OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2022-2092)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.1AI score0.01024EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2022-2045)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01334EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/07/14 12:0 a.m.34 views

EulerOS Virtualization 2.10.0 : libvirt (EulerOS-SA-2022-2092)

According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilte...

4.3CVSS6AI score0.01024EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2022/06/28 8:28 a.m.11 views

libvirt bug fix and enhancement update

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvirt library contains a C API for managing and interacting with the...

1.9AI score
Exploits0
OSV
OSV
added 2022/06/24 11:3 a.m.4 views

OESA-2022-1722 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was found in the libvirt nwfilter driver. The...

4.3CVSS6.7AI score0.01024EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/06/06 12:0 a.m.54 views

Oracle Linux 8 : kvm_utils (ELSA-2022-9460)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9460 advisory. - A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct...

7.5CVSS6.8AI score0.02701EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/05/27 12:0 a.m.29 views

Oracle Linux 7 : libvirt / libvirt-python (ELSA-2022-9433)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9433 advisory. - nwfilter: fix crash when counting number of network filters Daniel P. Berrange Orabug: 33973639 CVE-2022-0897 libvirt-python Tenable has extracted the precedi...

4.3CVSS6.2AI score0.01024EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2022/05/26 12:0 a.m.40 views

libvirt libvirt-python security update

libvirt 5.7.0-33.el7 - qemu: refresh vNUMA/SMT pinning. Wim ten Have Orabug: 34083505 - qemu driver: Check exadataConfig and packCPUs whenever vNUMA/SMT applies Wim ten Have Orabug: 34023508 - nwfilter: fix crash when counting number of network filters Daniel P. Berrange Orabug: 33973639...

4.3CVSS1.8AI score0.01024EPSS
Exploits0
OSV
OSV
added 2022/05/24 5:44 p.m.25 views

GHSA-MM5C-7MPR-99FM CSRF vulnerability in Jenkins Libvirt Agents Plugin

Jenkins Libvirt Agents Plugin 1.9.0 and earlier does not require POST requests for a form submission endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to stop hypervisor domains. Jenkins Libvirt Agents Plugin 1.9.1 requires POST requests f...

8.8CVSS8.6AI score0.00818EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/24 5:44 p.m.23 views

CSRF vulnerability in Jenkins Libvirt Agents Plugin

Jenkins Libvirt Agents Plugin 1.9.0 and earlier does not require POST requests for a form submission endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to stop hypervisor domains. Jenkins Libvirt Agents Plugin 1.9.1 requires POST requests f...

8.8CVSS8.2AI score0.00818EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/24 4:59 p.m.13 views

GHSA-M36J-F2HF-QGJ2 Jenkins Libvirt Slaves Plugin vlnerable to Incorrect Default Permissions

A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.3AI score0.00836EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/24 4:59 p.m.26 views

Jenkins Libvirt Slaves Plugin vlnerable to Incorrect Default Permissions

A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS4.7AI score0.00836EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/05/24 4:59 p.m.17 views

GHSA-8J3M-J6X6-CP5V Jenkins Libvirt Slaves Plugin vlnerable to Credential Enumeration

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS4.4AI score0.00678EPSS
Exploits0References6
OSV
OSV
added 2022/05/24 4:59 p.m.16 views

GHSA-M295-M3X4-3MMC Jenkins Libvirt Slaves Plugin vlnerable to Cross-Site Request Forgery

A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS8.7AI score0.00678EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/24 4:59 p.m.24 views

Jenkins Libvirt Slaves Plugin vlnerable to Credential Enumeration

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS4.3AI score0.00678EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/24 4:59 p.m.22 views

Jenkins Libvirt Slaves Plugin vlnerable to Cross-Site Request Forgery

A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS5AI score0.00678EPSS
Exploits0References5Affected Software1
Rockylinux
Rockylinux
added 2022/05/17 7:1 a.m.11 views

new packages: libvirt-glib

An update is available for libvirt-glib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

2.2AI score
Exploits0
Rockylinux
Rockylinux
added 2022/05/17 7:1 a.m.13 views

new packages: libvirt-dbus

An update is available for libvirt-dbus. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

2.2AI score
Exploits0
Rockylinux
Rockylinux
added 2022/05/17 6:1 a.m.17 views

new packages: libvirt-python

An update is available for libvirt-python. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

2AI score
Exploits0
OSV
OSV
added 2022/05/17 5:25 a.m.7 views

GHSA-M454-CM7H-RQHH OpenStack Nova Directory traversal vulnerability

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...

5.5CVSS6.1AI score0.02997EPSS
Exploits1References8
Rows per page
Query Builder