Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatVirtualization4.0

84 matches found

CVE
CVEadded 2018/07/02 1:29 p.m.155 views

CVE-2018-10874

In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.

7.8CVSS7.8AI score0.00061EPSS
CVE
CVEadded 2018/01/10 3:29 p.m.153 views

CVE-2017-7536

In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the callin...

7CVSS7.3AI score0.00104EPSS
CVE
CVEadded 2018/10/31 8:29 p.m.138 views

CVE-2018-14661

It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service.

6.5CVSS6.9AI score0.03273EPSS
CVE
CVEadded 2023/04/10 10:15 p.m.138 views

CVE-2023-1668

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildca...

8.2CVSS7.7AI score0.00076EPSS
CVE
CVEadded 2018/10/09 10:29 p.m.127 views

CVE-2018-17958

Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.

7.5CVSS8.4AI score0.02654EPSS
CVE
CVEadded 2018/02/23 5:29 p.m.125 views

CVE-2018-6764

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.

7.8CVSS6.5AI score0.00038EPSS
CVE
CVEadded 2018/09/11 3:29 p.m.122 views

CVE-2018-1114

It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.

6.5CVSS6.2AI score0.00711EPSS
CVE
CVEadded 2016/11/04 9:59 p.m.116 views

CVE-2016-8576

The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process.

6CVSS5.3AI score0.00087EPSS
CVE
CVEadded 2018/04/24 6:29 p.m.111 views

CVE-2018-1059

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions be...

6.1CVSS5.8AI score0.00256EPSS
CVE
CVEadded 2018/10/09 10:29 p.m.111 views

CVE-2018-17963

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.

9.8CVSS9.7AI score0.0481EPSS
CVE
CVEadded 2016/11/04 9:59 p.m.108 views

CVE-2016-8909

The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.

6CVSS6.1AI score0.00039EPSS
CVE
CVEadded 2018/07/27 4:29 p.m.107 views

CVE-2017-15119

The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from s...

8.6CVSS8.6AI score0.01766EPSS
CVE
CVEadded 2017/03/27 3:59 p.m.107 views

CVE-2017-5973

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

5.5CVSS5.5AI score0.00026EPSS
CVE
CVEadded 2023/10/06 6:15 p.m.106 views

CVE-2023-5366

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbi...

7.1CVSS6.2AI score0.00018EPSS
CVE
CVEadded 2016/11/04 9:59 p.m.105 views

CVE-2016-8910

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.

6CVSS6AI score0.00098EPSS
CVE
CVEadded 2018/07/27 2:29 p.m.105 views

CVE-2018-10862

WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability.

5.5CVSS5.5AI score0.00325EPSS
CVE
CVEadded 2016/12/23 10:59 p.m.102 views

CVE-2016-9911

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

6.5CVSS6.3AI score0.00041EPSS
CVE
CVEadded 2021/03/18 7:15 p.m.100 views

CVE-2019-14850

A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resourc...

3.7CVSS3.8AI score0.00395EPSS
CVE
CVEadded 2016/04/12 2:0 a.m.98 views

CVE-2016-2857

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

8.4CVSS6.6AI score0.00058EPSS
CVE
CVEadded 2016/12/23 10:59 p.m.92 views

CVE-2016-9907

Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

6.5CVSS6.5AI score0.00041EPSS
CVE
CVEadded 2016/12/23 10:59 p.m.92 views

CVE-2016-9921

Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, r...

6.5CVSS6.3AI score0.0007EPSS
CVE
CVEadded 2016/11/04 9:59 p.m.91 views

CVE-2016-8669

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.

6CVSS5.9AI score0.00071EPSS
CVE
CVEadded 2016/05/25 3:59 p.m.85 views

CVE-2016-4020

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).

6.5CVSS6.4AI score0.00085EPSS
CVE
CVEadded 2016/12/10 12:59 a.m.81 views

CVE-2016-6888

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.

4.4CVSS6.1AI score0.00084EPSS
CVE
CVEadded 2022/08/26 6:15 p.m.79 views

CVE-2022-0207

A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text.

4.7CVSS4.5AI score0.00043EPSS
CVE
CVEadded 2016/12/10 12:59 a.m.78 views

CVE-2016-6835

The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.

6CVSS6.5AI score0.00106EPSS
CVE
CVEadded 2017/05/23 5:29 p.m.72 views

CVE-2017-9214

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputil_pull_queue_get_config_reply10 in lib/ofp-util.c.

9.8CVSS9.3AI score0.07314EPSS
CVE
CVEadded 2016/12/10 12:59 a.m.69 views

CVE-2016-7422

The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value.

6CVSS5AI score0.00094EPSS
CVE
CVEadded 2016/12/10 12:59 a.m.68 views

CVE-2016-7466

Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.

6CVSS5.4AI score0.00094EPSS
CVE
CVEadded 2018/07/26 2:29 p.m.62 views

CVE-2017-7539

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process ...

7.5CVSS7.1AI score0.01786EPSS
CVE
CVEadded 2018/06/19 12:29 p.m.59 views

CVE-2018-1073

The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts.

5.3CVSS5.5AI score0.00269EPSS
CVE
CVEadded 2020/12/21 5:15 p.m.59 views

CVE-2020-35497

A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name, email and public SSH key.

6.5CVSS6.2AI score0.00317EPSS
CVE
CVEadded 2022/10/19 6:15 p.m.55 views

CVE-2022-2805

A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.

6.5CVSS6.1AI score0.00072EPSS
CVE
CVEadded 2018/08/09 7:29 p.m.52 views

CVE-2018-10908

It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could po...

7.1CVSS6.2AI score0.0032EPSS
Total number of security vulnerabilities84