Lucene search
K
RedhatVirtualization

128 matches found

CVE
CVE
added 2018/03/20 12:0 a.m.241 views

CVE-2018-8088

CVE-2018-8088 details (normal mode) : The issue affects SLF4J’s slf4j-ext EventData in QOS.CH SLF4J before 1.8.0-beta2, where crafted data can bypass access restrictions. The fix is in SLF4J 1.7.26+ and in the 2.0.x series. Connected advisories corroborate the vulnerability description across Lin...

9.8CVSS9.3AI score0.15087EPSS
CVE
CVE
added 2018/08/17 12:0 p.m.240 views

CVE-2018-10873

CVE-2018-10873 affects SPICE before 0.14.1: a missing bounds check in demarshal.py:write_validate_array_item can be exploited by an authenticated remote peer to crash the SPICE client/server. Public advisories (Debian, IBM, Mageia/CentOS) describe denial of service and potential code execution im...

8.8CVSS8AI score0.03934EPSS
CVE
CVE
added 2020/01/02 2:15 p.m.232 views

CVE-2019-14859

CVE-2019-14859 affects the Python library python-ecdsa. A flaw exists in all versions before 0.13.3 where signatures are not properly verified for DER encoding, allowing a malformed signature to be accepted and making signatures malleable. This could enable an attacker to use a malleable signatur...

9.1CVSS8.8AI score0.01596EPSS
CVE
CVE
added 2018/01/22 4:0 a.m.220 views

CVE-2018-5968

CVE-2018-5968 concerns FasterXML jackson-databind deserialization. The entry notes unauthenticated remote code execution via two gadgets that bypass a blacklist, stemming from an incomplete fix for CVE-2017-7525 and CVE-2017-17485. Connected sources specify affected jackson-databind versions and ...

8.1CVSS9.6AI score0.06962EPSS
CVE
CVE
added 2018/06/05 1:0 p.m.214 views

CVE-2018-1000180

CVE-2018-1000180 affects Bouncy Castle BC 1.54–1.59 (and BC-FJA 1.0.0/1.0.1) with a flaw in the Low-level RSA key pair generator interface that may produce RSA key pairs with fewer Miller–Rabin primality tests than expected. IBM vulnerability bulletins associate this CVE with IBM products (e.g., ...

7.5CVSS7.1AI score0.03622EPSS
CVE
CVE
added 2022/08/31 3:32 p.m.210 views

CVE-2022-2132

CVE-2022-2132 is a DoS vulnerability in DPDK caused by a permissive input validation that allows a remote attacker to trigger a denial of service by sending a crafted Vhost header. The issue affects the DPDK component handling Vhost descriptors, where processing of the Vhost header can exhaust mb...

8.6CVSS8AI score0.01772EPSS
CVE
CVE
added 2019/03/26 12:0 a.m.209 views

CVE-2019-3804

The CVE-2019-3804 issue affects cockpit prior to version 184, where glib’s base64 decode path is mishandled, allowing an unauthenticated attacker to send a crafted request with an invalid base64-encoded cookie and crash the web service (denial of service). Public documents consistently reference ...

7.5CVSS7.2AI score0.04858EPSS
CVE
CVE
added 2017/08/02 7:0 p.m.205 views

CVE-2017-10664

CVE-2017-10664 affects qemu-nbd in QEMU. The issue arises because SIGPIPE is not ignored, allowing remote attackers to trigger a denial of service (daemon crash) by disconnecting during a server-to-client reply. The vulnerability is referenced across multiple advisories and Nessus plugins (e.g., ...

7.5CVSS7.2AI score0.04028EPSS
CVE
CVE
added 2018/01/10 3:0 p.m.203 views

CVE-2017-7536

CVE-2017-7536 affects Hibernate Validator 5.2.x (before 5.2.5), 5.3.x, and 5.4.x. If the security manager’s reflective permissions are granted to Hibernate Validator, a privilege escalation can occur by allowing access to private members, enabling reading private member values via ConstraintViola...

7CVSS7.3AI score0.00482EPSS
CVE
CVE
added 2018/10/31 7:0 p.m.193 views

CVE-2018-14659

The CVE-2018-14659 vulnerability affects GlusterFS up to versions 4.1.4 and 3.1.2. An authenticated, remote attacker could mount a Gluster volume and repeatedly call setxattr via GF_XATTR_IOSTATS_DUMP_KEY to trigger a state dump and create an arbitrary number of files in the server runtime direct...

6.5CVSS7AI score0.02172EPSS
CVE
CVE
added 2018/10/31 7:0 p.m.192 views

CVE-2018-14654

CVE-2018-14654 affects GlusterFS (up to 4.1.x) via the GF_XATTROP_ENTRY_IN_KEY path in the translator used during mounting, allowing a remote attacker with access to mounted volumes to create arbitrary, empty files on the server. Exploitation details are not provided in the given documents. Remed...

8.5CVSS7.1AI score0.0263EPSS
Web
CVE
CVE
added 2016/05/11 9:0 p.m.190 views

CVE-2016-3710

CVE-2016-3710 : A bounds-checking flaw in QEMU’s VGA module (VBE read/write via I/O ports) allows a privileged guest to modify banked video memory and execute arbitrary code on the host with QEMU process privileges. Root cause: out-of-bounds read/write in VGA bank access. Impact: potential host c...

8.8CVSS8.7AI score0.00916EPSS
CVE
CVE
added 2016/08/02 4:0 p.m.189 views

CVE-2016-5403

CVE-2016-5403 affects QEMU’s virtio path (virtqueue_pop in hw/virtio/virtio.c). A local guest OS administrator can cause a denial of service via unbounded memory allocation by submitting virtqueue requests without waiting for completion, potentially crashing the QEMU process. Public postings acro...

5.5CVSS5.9AI score0.0052EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.185 views

CVE-2015-3214

CVE-2015-3214 affects QEMU prior to 2.3.1 (pit_ioport_read in i8254.c) and Linux kernel prior to 2.6.33. The flaw does not distinguish between read and write lengths, potentially allowing a privileged guest user (with PIT emulation enabled) to trigger an invalid index and cause arbitrary host cod...

6.9CVSS6.1AI score0.01594EPSS
CVE
CVE
added 2018/07/02 1:0 p.m.181 views

CVE-2018-10874

CVE-2018-10874 affects Ansible. The issue arises when inventory variables are loaded from the current working directory during ad-hoc commands, which attackers can control, enabling arbitrary code execution (local attacker could compromise the target via manipulated inventory vars). The NVD entry...

7.8CVSS7.8AI score0.00485EPSS
CVE
CVE
added 2020/03/19 1:11 p.m.180 views

CVE-2019-19336

CVE-2019-19336 affects oVirt-engine (OAuth authorization endpoint); the vulnerability is a reflected XSS via the response_type parameter, enabling script execution in a user’s session. Affected versions before 4.3.8 are vulnerable. Remediation: update to 4.3.8 or later (per initial description). ...

6.1CVSS5.7AI score0.00941EPSS
CVE
CVE
added 2018/11/01 2:0 p.m.177 views

CVE-2018-14660

CVE-2018-14660 : A flaw in GlusterFS server (versions up to 4.1.4 and 3.1.2) lets a remote, authenticated attacker repeatedly call setxattr on GF_META_LOCK_KEY to create multiple locks for a single inode, leading to memory exhaustion on the GlusterFS server node. Connected documents confirm Glust...

6.5CVSS7AI score0.02515EPSS
CVE
CVE
added 2015/08/12 2:0 p.m.176 views

CVE-2015-5165

CVE-2015-5165 affects the RTL8139 emulation in QEMU (C+ mode offload) used by Xen 4.5.x and earlier. A remote attacker could read heap memory in the QEMU process via unspecified vectors, potentially exposing host data. Public sources in connected docs document this as an information-leak flaw in ...

9.3CVSS6.5AI score0.13288EPSS
CVE
CVE
added 2016/04/08 4:0 p.m.176 views

CVE-2016-1568

CVE-2016-1568 is a use-after-free in QEMU’s AHCI emulation (hw/ide/ahci.c) when IDE AHCI Emulation is enabled. A guest user can cause a denial of service (QEMU process crash) and potentially execute arbitrary code via an invalid AHCI NCQ AIO command. The issue is triggered by use-after-free in NC...

8.8CVSS9.2AI score0.00533EPSS
CVE
CVE
added 2023/04/10 12:0 a.m.175 views

CVE-2023-1668

CVE-2023-1668 — Open vSwitch (OVS) has a flaw where, when processing an IP packet with protocol 0, OVS installs a datapath flow whose action does not modify the IP header. This can cause a datapath rule matching all IP protocols (nw_proto wildcarded) to have an incorrect action, risking improper ...

8.2CVSS7.7AI score0.01216EPSS
CVE
CVE
added 2018/10/31 8:0 p.m.158 views

CVE-2018-14661

Technical details for CVE-2018-14661 are not provided in the connected documents. Public information in the initial entry confirms a format-string vulnerability in GlusterFS, but no affected versions, exploit details, or fixes are included here. Monitor for updates.

6.5CVSS6.9AI score0.02655EPSS
CVE
CVE
added 2015/06/15 3:0 p.m.155 views

CVE-2015-3209

CVE-2015-3209 : Heap-based buffer overflow in the QEMU PCNET network device allows remote code execution via crafted packet sequences (TXSTATUS_STARTPACKET then TXSTATUS_DEVICEOWNS). This is a QEMU vulnerability discussed in multiple advisories (notably Arista/Security Advisory 0013 and F5/Multi-...

7.5CVSS6.5AI score0.09668EPSS
CVE
CVE
added 2018/09/11 3:0 p.m.153 views

CVE-2018-1114

CVE-2018-1114 corresponds to an Undertow issue where URLResource.getLastModified() closes file descriptors only when finalized, enabling a file descriptor leak and potential exhaustion. The vulnerability is evidenced in multiple sources (GHSA- GJJX-GQM4-WCGM, Red Hat advisories) describing an unc...

6.5CVSS6.2AI score0.02329EPSS
CVE
CVE
added 2018/10/09 10:0 p.m.153 views

CVE-2018-17958

CVE-2018-17958 affects QEMU, specifically the rtl8139 network device implementation (rtl8139_do_receive in hw/net/rtl8139.c). The root cause is an incorrect integer data type, which leads to a buffer overflow. The description and connected advisories confirm the vulnerability but do not provide a...

7.5CVSS8.4AI score0.06169EPSS
CVE
CVE
added 2017/03/27 3:0 p.m.151 views

CVE-2017-5973

Technical details about CVE-2017-5973 are not publicly provided in the connected documents. Available records reference QEMU's xhci_kick_epctx vulnerability but do not expose deeper data (affected versions, exploit info, or fixes). Monitor for updates.

5.5CVSS5.5AI score0.00456EPSS
CVE
CVE
added 2018/02/23 5:0 p.m.151 views

CVE-2018-6764

CVE-2018-6764 affects libvirt: util/virlog.c may fail to determine the hostname during LXC container startup, enabling a local attacker (guest OS user) to bypass container protections and run arbitrary commands via a crafted NSS module. The issue is concrete in libvirt’s LXC handling and NSS modu...

7.8CVSS6.5AI score0.00332EPSS
CVE
CVE
added 2018/10/09 10:0 p.m.149 views

CVE-2018-17963

CVE-2018-17963 affects QEMU’s net/iov path. The vulnerability is introduced by qemu_deliver_packet_iov in net/net.c, which accepts packet sizes greater than INT_MAX, enabling a remote attacker to trigger a denial of service (and potentially other unspecified impact) by sending oversized packets. ...

9.8CVSS9.7AI score0.04782EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.148 views

CVE-2016-8576

CVE-2016-8576 affects QEMU’s USB xHCI emulation. The vulnerability is in xhci_ring_fetch (hw/usb/hcd-xhci.c), where failure to limit the number of TRBs can be exploited by a local privileged guest to cause an infinite loop and a DoS of the QEMU process. The initial documents do not specify exploi...

6CVSS5.3AI score0.00386EPSS
CVE
CVE
added 2012/11/23 8:0 p.m.141 views

CVE-2012-3515

CVE-2012-3515 affects QEMU (as used in Xen 4.0/4.1) where emulating certain devices with a virtual console backend lets local guest OS users gain privileges via a crafted escape VT100 sequence that overwrites a device model’s address space. Connected documents confirm this CVE is included in mult...

7.2CVSS5.9AI score0.00528EPSS
CVE
CVE
added 2016/01/12 7:0 p.m.141 views

CVE-2015-1779

CVE-2015-1779 affects QEMU with the VNC websocket frame decoder. The issue allows a remote attacker to cause a denial of service by sending oversized websocket payloads or HTTP headers, exhausting CPU and memory. Impact is observed when an attacker accesses a guest’s VNC console over the network....

8.6CVSS7.9AI score0.07393EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.141 views

CVE-2016-8909

CVE-2016-8909 is an issue in QEMU’s Intel High Definition Audio emulation. The vulnerability exists in the intel_hda_xfer function (hw/audio/intel-hda.c) where an entry with the same value for buffer length and pointer position can be supplied by a local attacker (local guest OS administrator), l...

6CVSS6.1AI score0.00441EPSS
CVE
CVE
added 2016/12/23 10:0 p.m.141 views

CVE-2016-9921

According to connected sources, CVE-2016-9921 affects QEMU with Cirrus CLGD 54xx VGA Emulator. The root cause is a divide-by-zero in cirrus_do_copy when Cirrus VGA graphics mode is VGA, which can be triggered during VGA data copying. Impact is guest-privileged code causing a host DoS by crashing ...

6.5CVSS6.3AI score0.00394EPSS
CVE
CVE
added 2023/10/06 5:43 p.m.140 views

CVE-2023-5366

CVE-2023-5366 affects Open vSwitch. The flaw allows ICMPv6 Neighbor Advertisement packets between VMs to bypass OpenFlow rules, enabling a local attacker to craft packets with a spoofed target IP to redirect ICMPv6 traffic. Connected advisories confirm patched/Open vSwitch versions are available ...

7.1CVSS6.2AI score0.00389EPSS
CVE
CVE
added 2016/12/23 10:0 p.m.139 views

CVE-2016-9911

CVE-2016-9911 (QEMU) : A memory leak vulnerability in QEMU built with USB EHCI emulation. The leak occurs while processing packet data in ehci_init_transfer, allowing a guest user/process to leak host memory and potentially cause a DoS on the host. The available connected documents confirm the pr...

6.5CVSS6.3AI score0.00367EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.137 views

CVE-2016-8910

CVE-2016-8910 affects QEMU: the rtl8139_cplus_transmit function in hw/net/rtl8139.c can allow a local privileged user to cause a denial of service (infinite loop/CPU usage) by failing to limit the ring descriptor count. No public details on patch/version are provided in the connected documents.

6CVSS6AI score0.00407EPSS
CVE
CVE
added 2018/07/27 4:0 p.m.137 views

CVE-2017-15119

CVE-2017-15119 affects the NBD server in Quick Emulator (QEMU). The NBD server can be DoSed if a client sends oversized option requests, causing the server to spend CPU time reading up to 4 GB per request and potentially starving other requests. This vulnerability is described as occurring in QEM...

8.6CVSS8.6AI score0.03325EPSS
CVE
CVE
added 2018/07/27 2:0 p.m.136 views

CVE-2018-10862

WildFly Core before 6.0.0.Alpha3 is vulnerable due to insufficient validation of file paths in .war archives, enabling crafted archives to overwrite arbitrary files (Zip Slip). The issue is confirmed by linked advisories (GHSA-W8R2-5J8X-X8J6) and Red Hat security notes referencing CVE-2018-10862....

5.5CVSS5.5AI score0.01262EPSS
CVE
CVE
added 2009/11/20 5:0 p.m.134 views

CVE-2009-3080

CVE-2009-3080 affects the Linux kernel gdth driver (gdth_read_event in drivers/scsi/gdth.c). In kernels before 2.6.32-rc8, a negative event index in an IOCTL can allow local users to cause a denial of service or potentially gain privileges. MiracleLinux advisories cite this CVE as part of affecte...

7.2CVSS7AI score0.00417EPSS
CVE
CVE
added 2018/04/24 6:0 p.m.133 views

CVE-2018-1059

The CVE concerns the DPDK vhost-user interface, where Guest Physical Addresses to Host Virtual Addresses translations do not verify that the requested guest physical range is fully mapped and contiguous. This can expose vhost-user backend memory to a malicious guest. The vulnerability affects all...

6.1CVSS5.8AI score0.00878EPSS
CVE
CVE
added 2014/06/05 8:0 p.m.130 views

CVE-2014-3467

GNUTLS/library libtasn1 vulnerability CVE-2014-3467 is due to multiple issues in the DER decoder of GNU Libtasn1 up to version 3.5.x (pre-3.6), exploited by crafted ASN.1 data to cause a denial of service via out-of-bounds read. The issue is confirmed in multiple advisories (F5 SOL15423, ALAS-201...

5CVSS6AI score0.068EPSS
CVE
CVE
added 2021/03/18 6:56 p.m.130 views

CVE-2019-14850

CVE-2019-14850 affects nbdkit versions 1.12.7, 1.14.1, and 1.15.1, where a remote attacker can cause DoS by opening a connection that triggers extensive work initializing backend plugins, leading to resource consumption and service degradation. The underlying cause is premature opening of back-en...

3.7CVSS3.8AI score0.01601EPSS
CVE
CVE
added 2016/01/08 9:0 p.m.128 views

CVE-2015-7512

CVE-2015-7512 is a buffer overflow in the PC-Net II Ethernet controller emulation (hw/net/pcnet.c) of QEMU. The flaw occurs when handling packets for guests with a larger MTU, allowing a remote attacker to trigger a denial of service (guest OS crash) or potentially execute arbitrary code. Connect...

9CVSS9.3AI score0.0773EPSS
CVE
CVE
added 2013/10/04 5:0 p.m.127 views

CVE-2013-4344

CVE-2013-4344 is a buffer overflow in QEMU’s SCSI REPORT LUNS handling when a SCSI controller has more than 256 LUNs. A privileged guest user could corrupt the host QEMU process memory and potentially execute arbitrary code on the host. Affected components: QEMU/KVM user-space (qemu-kvm and relat...

7.2CVSS8.3AI score0.00434EPSS
CVE
CVE
added 2016/04/08 4:0 p.m.127 views

CVE-2016-2857

CVE-2016-2857 is a QEMU vulnerability in the IP checksum routines: the net_checksum_calculate function in net/checksum.c permits local (guest) users to trigger an out-of-bounds heap read, crashing the QEMU process via a crafted packet payload length. Multiple Nessus/MIRACLE-Linux advisories refer...

8.4CVSS6.6AI score0.00564EPSS
CVE
CVE
added 2014/12/12 3:0 p.m.125 views

CVE-2014-7840

The CVE-2014-7840 entry concerns QEMU: during RAM loading in migration, the host_from_stream_offset function in arch_init.c accepts crafted savevm data offset/length values, enabling a remote attacker to execute arbitrary code. The vulnerability affects the RAM-load path of migration, with the de...

7.5CVSS7.1AI score0.04115EPSS
CVE
CVE
added 2016/06/01 10:0 p.m.124 views

CVE-2016-5126

Summary of CVE-2016-5126 family in Debian DLA-1927-1 (qemu security update) Debian DLA-1927-1 documents multiple QEMU vulnerabilities, including CVE-2016-5126 (heap-based buffer overflow in iscsi_aio_ioctl in block/iscsi.c) which allows a local guest user to crash the QEMU process or potentially ...

7.8CVSS7.9AI score0.00701EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.124 views

CVE-2016-8669

CVE-2016-8669 affects QEMU: the serial_update_parameters function in hw/char/serial.c can be triggered by a divider value greater than baud base to cause a divide-by-zero and QEMU process crash. It is a local privilege vulnerability (guest to host) with denial of service as the impact. The connec...

6CVSS5.9AI score0.00362EPSS
CVE
CVE
added 2014/11/01 11:0 p.m.123 views

CVE-2014-3615

CVE-2014-3615 concerns the VGA emulator in QEMU. The issue allows a privileged guest (local to the host) to read host memory by setting the display to a high resolution, due to a memory-access flaw in VGA emulation. Public context in connected advisories confirms this was addressed by backporting...

2.1CVSS6.1AI score0.0045EPSS
CVE
CVE
added 2016/12/23 10:0 p.m.121 views

CVE-2016-9907

The CVE-2016-9907 issue affects Quick Emulator (QEMU) built with usb-guest USB redirector support. It describes a memory-leak flaw that can occur while destroying the usbredir device (usbredir_handle_destroy), allowing a guest user to leak host memory and potentially cause DoS on the host. Red Ha...

6.5CVSS6.5AI score0.00413EPSS
CVE
CVE
added 2014/11/14 3:0 p.m.119 views

CVE-2014-7815

CVE-2014-7815 affects the QEMU component: the function set_pixel_format in ui/vnc.c can be triggered remotely to crash the QEMU process (DoS) by sending a small value for bytes_per_pixel. The vulnerability is explicitly documented in multiple advisories and patches were issued in openSUSE/SUSE se...

5CVSS5.8AI score0.03742EPSS
Total number of security vulnerabilities128