Redhat Enterprise Virtualization vulnerabilities

36 known vulnerabilities affecting redhat/enterprise_virtualization.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL3HIGH7MEDIUM18LOW8

Vulnerabilities

Page 2 of 2

CVE-2012-3406MEDIUMCVSS 6.8v3.02014-02-10

CVE-2012-3406 [MEDIUM] CVE-2012-3406: The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probabl The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possi

nvd

CVE-2013-2152HIGHCVSS 7.2v3.22014-01-21

CVE-2013-2152 [HIGH] CVE-2013-2152: Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtu Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.

nvd

CVE-2013-2151HIGHCVSS 7.2v3.0v3.22014-01-21

CVE-2013-2151 [HIGH] CVE-2013-2151: Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 all Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.

nvd

CVE-2013-4282MEDIUMCVSS 5.0v3.02013-11-02

CVE-2013-4282 [MEDIUM] CWE-119 CVE-2013-4282: Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allo Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.

nvd

CVE-2013-4181MEDIUMCVSS 4.3v3.0v3.22013-09-16

CVE-2013-4181 [MEDIUM] CWE-79 CVE-2013-4181: Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

nvd

CVE-2013-2176HIGHCVSS 7.2v3.0v3.22013-08-28

CVE-2013-2176 [HIGH] CWE-399 CVE-2013-2176: Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Prov Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.

nvd

CVE-2013-0167LOWCVSS 2.7v3.0v3.22013-08-19

CVE-2013-0167 [LOW] CVE-2013-0167: VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields."

nvd

CVE-2013-4236LOWCVSS 2.7v3.0v3.22013-08-19

CVE-2013-4236 [LOW] CVE-2013-4236: VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167.

nvd

CVE-2013-1591CRITICALCVSS 9.8v3.02013-01-31

CVE-2013-1591 [CRITICAL] CWE-190 CVE-2013-1591: Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other produc Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.

nvd

CVE-2010-0429MEDIUMCVSS 6.6v2.22010-08-24

CVE-2010-0429 [MEDIUM] CWE-264 CVE-2010-0429: libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtuali libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vector

nvd

CVE-2010-0428MEDIUMCVSS 6.6v2.22010-08-24

CVE-2010-0428 [MEDIUM] CWE-20 CVE-2010-0428: libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtuali libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.

nvd

CVE-2010-0431MEDIUMCVSS 6.6v2.22010-08-24

CVE-2010-0431 [MEDIUM] CWE-20 CVE-2010-0431: QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.

nvd

CVE-2010-0435MEDIUMCVSS 4.6v2.22010-08-24

CVE-2010-0435 [MEDIUM] CVE-2010-0435: The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, wh The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation.

nvd

CVE-2010-2784MEDIUMCVSS 6.6v2.22010-08-24

CVE-2010-2784 [MEDIUM] CWE-264 CVE-2010-2784: The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash)

nvd

CVE-2010-2811MEDIUMCVSS 5.7v2.22010-08-24

CVE-2010-2811 [MEDIUM] CVE-2010-2811: Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not prope Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic.

nvd

CVE-2008-3522CRITICALCVSS 10.0v3.52008-10-02

CVE-2008-3522 [CRITICAL] CWE-119 CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 m Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.

nvd

← Previous2 / 2