Lucene search
+L

15 matches found

susecve
susecve
added 2023/02/15 4:13 a.m.3 views

SUSE CVE-2019-10132

A vulnerability was found in libvirt = 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the...

7.1CVSS8.7AI score0.01411EPSS
Exploits0References4
osv
osv
added 2020/05/15 2:24 p.m.7 views

SUSE-SU-2020:1289-1 Security update for libvirt

This update for libvirt fixes the following issues: Security issue fixed: - CVE-2020-10703: Fixed a daemon crash caused by pools without target paths bsc1168683. Non-security issues fixed: - apparmor: avoid copying empty profile name bsc1149100. - logging: ensure virtlogd rollover takes priority...

6.5CVSS6.7AI score0.02363EPSS
Exploits1References9
redhatcve
redhatcve
added 2019/10/11 5:43 p.m.28 views

CVE-2019-10132

A flaw was found in libvirt in version 4.1.0 and earlier. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons. The highest threat from this...

8.8CVSS5.4AI score0.01411EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2019/08/13 12:0 a.m.6 views

The vulnerability of the virtlockd-admin.socket and virtlogd-admin.socket modules of the Libvirt management library allows attackers to increase their privileges.

The vulnerability of the virtlockd-admin.socket and virtlogd-admin.socket modules of the Libvirt management library is related to the absence of the SocketMode parameter. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

6.5CVSS7.7AI score0.01411EPSS
Exploits0References12Affected Software6
veracode
veracode
added 2019/05/24 2:22 a.m.27 views

Authorization Bypass

libvirt.so is vulnerable to authorization bypass. A missing SocketMode configuration parameter allows a local user to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons...

8.8CVSS8.3AI score0.01411EPSS
Exploits0References10Affected Software2
redhat
redhat
added 2019/05/23 4:12 p.m.6 views

libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter

A flaw was found in libvirt in version 4.1.0 and earlier. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons. The highest threat from this...

8.8CVSS7.3AI score0.01411EPSS
Exploits0References5
osv
osv
added 2019/05/22 6:29 p.m.29 views

CVE-2019-10132

A vulnerability was found in libvirt = 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the...

8.8CVSS6.6AI score0.01411EPSS
Exploits0References8
osv
osv
added 2019/05/22 6:29 p.m.1 views

DEBIAN-CVE-2019-10132

A vulnerability was found in libvirt = 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the...

8.8CVSS7.3AI score0.01411EPSS
Exploits0References1
cve
cve
added 2019/05/22 5:21 p.m.208 views

CVE-2019-10132

CVE-2019-10132 affects libvirt 4.1.0 and later, specifically the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any host user to connect via virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks on the vir...

8.8CVSS6.6AI score0.01411EPSS
Exploits0References8Affected Software1
openvas
openvas
added 2018/07/04 12:0 a.m.249 views

CentOS Update for libvirt CESA-2018:1997 centos7

Check the version of libvirt SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882917";...

5.5CVSS7.3AI score0.60631EPSS
Exploits2References2
centos
centos
added 2018/07/03 6:53 p.m.131 views

libvirt security update

CentOS Errata and Security Advisory CESA-2018:1997 An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

5.5CVSS7.2AI score0.60631EPSS
Exploits2References7
nessus
nessus
added 2018/06/27 12:0 a.m.40 views

Scientific Linux Security Update : libvirt on SL7.x x86_64 (20180626) (Spectre)

Security Fixes : - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged...

5.5CVSS7.2AI score0.60631EPSS
Exploits2References2
redhat
redhat
added 2018/06/26 4:59 p.m.43 views

Important: Red Hat Security Advisory: libvirt security and bug fix update

An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

5.5CVSS7.2AI score0.60631EPSS
Exploits2References5
nessus
nessus
added 2016/11/11 12:0 a.m.40 views

Oracle Linux 7 : libvirt (ELSA-2016-2577)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-2577 advisory. 2.0.0-10 - virtlogd: Don't stop or restart along with libvirtd rhbz1372576 2.0.0-9 - Add helper for removing transient definition rhbz1368774 - qemu:...

9.8CVSS7.2AI score0.03623EPSS
Exploits0References4
oraclelinux
oraclelinux
added 2016/11/09 12:0 a.m.42 views

libvirt security, bug fix, and enhancement update

2.0.0-10 - virtlogd: Don't stop or restart along with libvirtd rhbz1372576 2.0.0-9 - Add helper for removing transient definition rhbz1368774 - qemu: Remove stale transient def when migration fails rhbz1368774 - qemu: Don't use query-migrate on destination rhbz1374613 - conf: allow hotplugging...

9.8CVSS0.03623EPSS
Exploits0
Rows per page
Query Builder