253 matches found

Cvelist
added 2018/07/26 12:0 p.m. · 36 views

CVE-2017-2637

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...

CVSS 9.9 · AI score 9.8 · EPSS 0.00539
Exploits: 0 · References: 8

CVE
added 2018/07/26 12:0 p.m. · 86 views

CVE-2017-2637

CVE-2017-2637 describes a design flaw in the Red Hat OpenStack Platform director’s use of TripleO for enabling libvirtd live-migration. Libvirtd is deployed by default and listens on 0.0.0.0 with no authentication or encryption. A remote actor who can reach any compute host IP (including localhos...

CVSS 10 · AI score 9.7 · EPSS 0.00539
Exploits: 0 · References: 8 · Affected Software: 1

Positive Technologies
added 2018/07/26 12:0 a.m. · 3 views

PT-2018-7152 · Red Hat · Red Hat Openstack Platform Director +1

Name of the Vulnerable Software and Affected Versions: Red Hat OpenStack Platform director affected versions not specified Description: A design flaw issue was found in the use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default listening on 0.0.0.0 with no...

CVSS 10 · AI score 9.4 · EPSS 0.00539
Exploits: 0 · References: 10

RedHat Linux
added 2018/06/26 4:28 p.m. · 59 views

Important: Red Hat Security Advisory: libvirt security and bug fix update

An update for libvirt is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 5.5 · AI score 7.3 · EPSS 0.44097
Exploits: 2 · References: 3

Fedora
added 2018/06/21 3:2 p.m. · 52 views

[SECURITY] Fedora 28 Update: libvirt-4.1.0-3.fc28

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

CVSS 5.5 · AI score 3.9 · EPSS 0.44097
Exploits: 2

Fedora
added 2018/01/03 9:19 p.m. · 28 views

[SECURITY] Fedora 26 Update: libvirt-3.2.1-7.fc26

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

CVSS 8.1 · AI score 3.9 · EPSS 0.00772
Exploits: 0

Fedora
added 2017/12/12 11:30 a.m. · 41 views

[SECURITY] Fedora 27 Update: libvirt-3.7.0-3.fc27

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

CVSS 8.1 · AI score 3.9 · EPSS 0.00772
Exploits: 0

UbuntuCve
added 2017/11/27 4:29 p.m. · 20 views

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

CVSS 9.3 · AI score 7.1 · EPSS 0.00872
Exploits: 0 · References: 3

Prion
added 2017/11/27 4:29 p.m. · 18 views

Spoofing

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

CVSS 9.3 · AI score 8.4 · EPSS 0.00872
Exploits: 0 · References: 2 · Affected Software: 1

NVD
added 2017/11/27 4:29 p.m. · 23 views

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

CVSS 9.3 · AI score 8.5 · EPSS 0.00872
Exploits: 0 · References: 2

OSV
added 2017/11/27 4:29 p.m. · 3 views

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

CVSS 8.1 · AI score 5.6
Exploits: 0 · References: 2

Cvelist
added 2017/11/27 4:0 p.m. · 27 views

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

AI score 8.5 · EPSS 0.00872
Exploits: 0 · References: 2

CVE
added 2017/11/27 4:0 p.m. · 72 views

CVE-2017-15114

Technical details are not publicly available in the provided connected documents. The CVE description is repeated across sources without specifics on affected products, versions, or fixes. Monitor for updates from vendor advisories.

CVSS 9.3 · AI score 8.4 · EPSS 0.00872
Exploits: 0 · References: 2 · Affected Software: 1

RedhatCVE
added 2017/11/15 5:23 a.m. · 26 views

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use TLS transport, it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured, this allows these services to connect to libvirtd which is equivalent to root access...

CVSS 9.3 · AI score 3.7 · EPSS 0.00872
Exploits: 0 · References: 2

Tenable Nessus
added 2017/08/28 12:0 a.m. · 30 views

Fedora 26 : xen (2017-b8fa8e1a13)

full fix for XSA-226, replacing workaround drop conflict of xendomain and libvirtd as can cause problems 1398590 add-to-physmap error paths fail to release lock on ARM XSA-235 1484476 Qemu: audio: host memory leakage via capture buffer CVE-2017-8309 1446521 Qemu: input: host memory leakage via...

CVSS 7.8 · AI score 7.4 · EPSS 0.01106
Exploits: 0 · References: 3

RedHat Linux
added 2017/06/20 12:44 p.m. · 31 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform director security update

An update is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 10 · AI score 7.3 · EPSS 0.00539
Exploits: 0 · References: 4

RedHat Linux
added 2017/06/20 12:23 p.m. · 43 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform director security update

An update is now available for Red Hat OpenStack Platform 7.0 Kilo. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 10 · AI score 7.3 · EPSS 0.00539
Exploits: 0 · References: 3

RedHat Linux
added 2017/06/19 2:45 p.m. · 32 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform director security update

An update is now available for Red Hat OpenStack Platform 9.0 Mitaka. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 10 · AI score 7.3 · EPSS 0.00539
Exploits: 0 · References: 6

RedhatCVE
added 2017/05/17 3:9 p.m. · 21 views

CVE-2017-2637

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...

CVSS 10 · AI score 0.1 · EPSS 0.00539
Exploits: 0 · References: 2

RedHat Linux
added 2017/05/17 12:19 p.m. · 3 views

rhosp-director: libvirtd is deployed with no authentication

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...

CVSS 10 · AI score 5.8 · EPSS 0.00539
Exploits: 0 · References: 6