Lucene search
+L

19 matches found

redhatcve
redhatcve
added 2025/05/22 11:20 a.m.17 views

CVE-2013-1063

usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1...

7.2CVSS6.4AI score0.00373EPSS
Exploits0References1
ubuntu
ubuntu
added 2022/05/02 5:1 p.m.117 views

USN-5399-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2021-3667 It was discovered that libvirt...

7.2CVSS6.5AI score0.01366EPSS
Exploits1
osv
osv
added 2022/05/02 5:1 p.m.10 views

USN-5399-1 libvirt vulnerabilities

It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2021-3667 It was discovered that libvirt...

7.2CVSS6.8AI score0.01366EPSS
Exploits1References7
rosalinux
rosalinux
added 2021/07/02 5:20 p.m.36 views

Advisory ROSA-SA-2021-1899

Software: libvirt 4.5.0 OS: Cobalt 7.9 CVE-ID: CVE-2020-25637 CVE-Crit: MEDIUM CVE-DESC: A double free memory issue has been detected in libvirt APIs in versions prior to 6.8.0 responsible for querying information about network interfaces of a running QEMU domain. This flaw affects the polkit...

7.2CVSS6.7AI score0.00529EPSS
Exploits0
nessus
nessus
added 2021/03/11 12:0 a.m.59 views

EulerOS Virtualization 2.9.0 : libvirt (EulerOS-SA-2021-1666)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting informati...

8.8CVSS6.9AI score0.02294EPSS
Exploits0References5
nessus
nessus
added 2021/03/04 12:0 a.m.42 views

EulerOS Virtualization for ARM 64 3.0.6.0 : libvirt (EulerOS-SA-2021-1526)

According to the version of the libvirt packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A double free memory issue was found to occur in the libvirt API responsible for requesting information about network...

7.2CVSS6.9AI score0.00529EPSS
Exploits0References2
openvas
openvas
added 2021/01/08 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2021-1045)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS7.1AI score0.00529EPSS
Exploits0References2
amazon
amazon
added 2020/12/09 12:0 a.m.44 views

Medium: libvirt

Issue Overview: A double free memory issue was found to occur in the libvirt API responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL...

7.2CVSS7.8AI score0.00529EPSS
Exploits0
nessus
nessus
added 2020/12/09 12:0 a.m.46 views

Amazon Linux 2 : libvirt (ALAS-2020-1569)

The version of libvirt installed on the remote host is prior to 4.5.0-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1569 advisory. A double free memory issue was found to occur in the libvirt API responsible for requesting information about network interfaces o...

7.2CVSS7AI score0.00529EPSS
Exploits0References3
redhat
redhat
added 2020/11/10 1:37 p.m.11 views

libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c

A double free memory issue was found to occur in the libvirt API responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions cou...

7.2CVSS7.1AI score0.00529EPSS
Exploits0References4
veracode
veracode
added 2020/10/08 2:2 p.m.46 views

Privilege Escalation

libvirt is vulnerable to arbitrary code execution. A double free memory issue affects the polkit access control driver and allows clients connecting to the read-write socket with limited ACL permissions to exploit the vulnerability to crash the libvirt daemon or potentially escalate their...

6.7CVSS5AI score0.00529EPSS
Exploits0References5Affected Software1
nvd
nvd
added 2020/10/06 2:15 p.m.21 views

CVE-2020-25637

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with...

7.2CVSS0.00529EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2020/10/06 2:15 p.m.36 views

CVE-2020-25637

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with...

7.2CVSS6.8AI score0.00529EPSS
Exploits0References2
debiancve
debiancve
added 2020/10/06 12:0 a.m.41 views

CVE-2020-25637

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with...

7.2CVSS7.3AI score0.00529EPSS
Exploits0
cvelist
cvelist
added 2020/10/06 12:0 a.m.33 views

CVE-2020-25637

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with...

6.7AI score0.00529EPSS
Exploits0References5
alpinelinux
alpinelinux
added 2020/10/06 12:0 a.m.61 views

CVE-2020-25637

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with...

7.2CVSS6.9AI score0.00529EPSS
Exploits0
redhatcve
redhatcve
added 2020/09/30 4:19 p.m.40 views

CVE-2020-25637

A double free memory issue was found to occur in the libvirt API responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions cou...

7.2CVSS2.4AI score0.00529EPSS
Exploits0References3
oraclelinux
oraclelinux
added 2019/11/14 12:0 a.m.33 views

systemd security, bug fix, and enhancement update

239-18.0.1 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 Orabug: 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry...

4.4CVSS5.5AI score0.00511EPSS
Exploits1
osv
osv
added 2013/10/03 9:55 p.m.11 views

CVE-2013-4326

RealtimeKit aka rtkit 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, a related issue to...

6.2AI score
Exploits0References5
Rows per page
Query Builder