36 matches found
CVE-2018-1111
The CVE-2018-1111 issue affects the DHCP client NetworkManager integration script in Red Hat Enterprise Linux 6/7, Fedora 28 and earlier. A malicious or spoofed DHCP server can inject commands with root privileges by exploiting the DHCP processing path, enabling remote command execution on affect...
CVE-2015-3456
The CVE-2015-3456 VENOM issue affects QEMU’s Floppy Disk Controller emulation (FDC), also used by VirtualBox and other virtualization stacks in Xen 4.5.x and earlier and KVM. The vulnerability is a buffer/out-of-bounds condition in the FDC where certain commands (notably FD_CMD_READ_ID and FD_CMD...
CVE-2012-3404
CVE-2012-3404 affects the GNU C Library (glibc) in the vfprintf path (stdio-common/vfprintf.c). The issue is a miscalculation of buffer length that can bypass Fortify_SOURCE format-string protections when using positional parameters with many specifiers, enabling context-dependent DoS via a craft...
CVE-2012-3406
The CVE-2012-3406 issue concerns glibc’s vfprintf (stdio-common/vfprintf.c). It states that glibc 2.5, 2.12, and likely other versions fail to properly restrict the use of alloca when allocating the SPECS array, which can bypass FORTIFY_SOURCE format-string protection and lead to a denial of serv...
CVE-2010-0435
CVE-2010-0435 is a KVM/Hypervisor NULL pointer dereference vulnerability that arises when Intel VT-x is enabled, allowing a privileged guest to crash the host via instruction-emulation vectors. Public advisories (RHBA/RHSA-2010-0622 for RHEL5/RHEV 2.2 and ELSA-2010-0627/ELSA-2010-0627) document h...
CVE-2012-3405
CVE-2012-3405 affects the GNU C Library (glibc) vfprintf handling in stdio-common/vfprintf.c, where improper buffer length calculation can bypass Fortify_source format-string protection and trigger a denial of service via a crafted format string with many specifiers. Public references in the Debi...
CVE-2014-0179
Libvirt vulnerability CVE-2014-0179 affects libvirt 0.7.5 through 1.2.x before 1.2.5. A crafted XML document containing an XML External Entity declaration with an entity reference to the virConnectCompareCPU or virConnectBaselineCPU API can be parsed due to XML_PARSE_NOENT behavior, allowing loca...
CVE-2013-4282
CVE-2013-4282 – SPICE stack overflow vulnerability Affected: SPICE server components (SPICE 0.12.0 and related packages) where the reds_handle_ticket function in server/reds.c processes SPICE tickets.Root cause: stack-based buffer overflow triggered by a long password in a SPICE ticket.Impact: re...
CVE-2008-3522
Vulnerability CVE-2008-3522 affects JasPer 1.900.1: a buffer overflow in jas_stream_printf (libjasper/base/jas_stream.c) may be triggered via mif_hdr_put and the use of vsprintf, potentially enabling context-dependent attackers to impact in an unspecified way. Public-advisory entries (OpenSUSE/SU...
CVE-2013-1591
CVE-2013-1591 describes a stack-based buffer overflow in the pixman library (libpixman), used by Pale Moon prior to 15.4. The issue is triggered by a path related to pixman’s manipulation routines and may cause crashes or, per some sources, potentially more severe outcomes. Connected advisories i...
CVE-2014-5177
Technical details about CVE-2014-5177 are not publicly available in the provided connected documents. Monitor for updates in the cited advisories and vendor notices to obtain confirmed affected versions, impact, and remediation steps.
CVE-2013-2151
CVE-2013-2151 affects Red Hat Enterprise Virtualization (RHEV) 3 and 3.2. The vulnerability is an unquoted Windows search path flaw in the rhev-guest-tools (Windows guest tools) and related agent/service, enabling local users to escalate privileges via a crafted executable located in an unquoted ...
CVE-2015-5201
CVE-2015-5201 affects VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (RHEV-H) 6-6.x (before 6-6.7-20151117.0) and 7-7.x (before 7-7.2-20151119.0) as packaged before RHEV-H 3.5.6. The underlying issue occurs when VSDM runs with -spice disable-ticketing and a VM is suspended and t...
CVE-2018-1117
CVE-2018-1117 affects ovirt-ansible-roles prior to 1.0.6. The issue comes from a missing no_log directive, causing admin passwords to be disclosed in the provisioning log when adding an oVirt provider to ManageIQ/CloudForms. Impact is information disclosure with potential privilege escalation in ...
CVE-2013-2152
The CVE-2013-2152 entry describes an Unquoted Windows search path vulnerability in the SPICE service used by Red Hat Enterprise Virtualization (RHEV) 3.2, enabling local privilege escalation via a crafted executable in an unquoted path. This is caused by unquoted search paths in the SPICE service...
CVE-2010-0429
CVE-2010-0429 concerns the libspice component of QEMU-KVM used by Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0. The vulnerability arises from not properly restricting addresses for memory-management actions, allowing a privileged guest user to cause a guest crash (denial of servi...
CVE-2013-0167
CVE-2013-0167 affects Red Hat Enterprise Virtualization Hypervisor’s VDSM: when processing guestInfo dictionaries, unexpected fields can be exploited by a privileged guest to render the host unavailable to the management server. The issue is addressed in Red Hat advisories RHSA-2013:0886 (vdsm se...
CVE-2013-4236
CVE-2013-4236 affects VDSM in Red Hat Enterprise Virtualization 3 and 3.2. The issue stems from an incomplete fix for CVE-2013-0167 and can allow a privileged guest user to make the host running the guest unavailable to the management server via invalid XML characters in a guest agent response. P...
CVE-2010-0431
CVE-2010-0431 affects QEMU-KVM (RHEV/kvm) where the host did not fully validate guest QXL driver pointers, enabling a privileged guest? user to crash the host (denial of service) or potentially escalate privileges. Public data show Red Hat/RHEV hypervisor updates (RHSA-2010-0622) and KVM updates ...
CVE-2017-2614
The CVE-2017-2614 issue affects ovirt-engine-extension-aaa-jdbc and the ovirt-aaa-jdbc-tool prior to 1.1.3. The root cause is that the tool fails to correctly verify the current password when it is expired during password updates in the rhvm database, allowing an attacker with access to change su...
CVE-2016-4443
The CVE-2016-4443 issue affects Red Hat Virtualization Manager (RHEV/RHV) 3.6. A local attacker could read the engine-setup log file and obtain sensitive data, including encryption keys and certificates, due to improper logging of setup results. The root cause is leakage of confidential informati...
CVE-2018-1074
CVE-2018-1074 affects ovirt-engine API and administration web portal before versions 4.2.2.5 and 4.1.11.2, exposing Power Management credentials (cleartext passwords) to Host Administrators who control the hosts. This could allow escalation to power-management systems. Connected sources confirm t...
CVE-2010-2811
CVE-2010-2811 affects Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2. Root cause: VDSM does not properly accept TCP connections for SSL sessions, enabling remote attackers to cause a denial-of-service (daemon outage) via crafted SSL traffic. Public reference...
CVE-2016-5432
CVE-2016-5432 affects the ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0. The root cause is that authentication details used with --provision*db outputs were not properly sanitized before being written to log files, potentially exposing sensitive informati...
CVE-2015-1841
CVE-2015-1841 affects Red Hat Enterprise Virtualization Manager (RHEV-M) Web Admin interface: an idle timeout bypass allows a local user to access the web interface after selecting a VM in the VM grid view. Root cause is the web admin’s timeout not logging out when a VM is selected. The vulnerabi...
CVE-2016-6338
The CVE-2016-6338 issue affects ovirt-engine-webadmin (used by Red Hat Enterprise Virtualization Manager, RHEV-M, and RHEV-M 4.0). Root cause: webadmin session timeouts not properly enforced, enabling bypass via UI-driven actions that trigger repeating queries. Impact: potential session hijack/by...
CVE-2010-0428
The CVE-2010-0428 issue affects the libspice component of QEMU-KVM used by the host in Red Hat Enterprise Virtualization Hypervisor (rhev-hypervisor) and qspice 0.3.0. It stems from inadequate validation of guest QXL driver pointers, which can allow a privileged guest user to crash the host (deni...
CVE-2010-2784
CVE-2010-2784 affects QEMU-KVM (as used by Red Hat Enterprise Virtualization Hypervisor and KVM) where the subpage MMIO initialization did not properly select the index to access the callback array. This flaw could allow a privileged guest user to crash the guest (denial of service) or, potential...
CVE-2013-4181
CVE-2013-4181 is a reflected cross-site scripting (XSS) vulnerability in the addAlert function of the RedirectServlet used by oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M) in Red Hat Enterprise Virtualization 3 and 3.2. The issue allows an attacker to cause the user’s browse...
CVE-2014-3559
The CVE affects Red Hat Enterprise Virtualization (oVirt storage backend). Root cause: memory snapshots are not wiped on VM deletion, even with wipe-after-delete enabled, allowing remote authenticated users to read portions of a VM’s memory from an uninitialized storage volume. Impact per provide...
CVE-2014-3561
The CVE-2014-3561 issue affects Red Hat Enterprise Virtualization 3.4 via the rhevm-log-collector. The root cause is that rhevm-log-collector passes the PostgreSQL database password on the command line when invoking sosreport, enabling a local attacker to read the password by listing processes. T...
CVE-2013-2176
CVE-2013-2176 is an unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) installed via rhev-guest-tools-iso (v3.2). The unquoted path could allow a local, unprivileged user to have a Trojan horse binary executed with SYSTEM p...
CVE-2014-3485
The CVE-2014-3485 issue affects oVirt’s ovirt-engine REST API (RHEV/RHEVM 3.4). Affected component: REST API handling within the ovirt-engine/JBoss server. Root cause: XML External Entity (XXE) processing flaw in XML API calls. Impact: remote authenticated users could read arbitrary files accessi...
CVE-2013-4280
CVE-2013-4280 affects RedHat vsdm 4.9.6 with an insecure temporary file vulnerability. The vulnerability’s impact is limited to integrity (I:H) with no confidentiality or availability impact per CVSS. It is a local-attack, low-complexity issue without required user interaction. Connected Nessus d...
CVE-2014-8167
CVE-2014-8167 affects vdsm and vdsclient; the root cause is missing hostname validation when communicating with another vdsm, which could allow a man-in-the-middle attack. The connected sources confirm the vulnerable component and the behavioral flaw, but do not provide a patch version or mitigat...
CVE-2016-6310
CVE-2016-6310 affects oVirt Engine (RHEV before 4.0). The vulnerability involves a information disclosure where ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD is exposed in /var/log/ovirt-engine/engine.log. The connected sources confirm the issue without detailing exploitation steps, affected versions bey...