| Max CVSS | 6.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-0860 | 6.2 |
Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, allow local users to gain privileges via a Trojan horse (1) deployUtil.py or (2) vds_bootstrap.py Python module in /t
|
13-02-2023 - 03:28 | 04-01-2013 - 22:55 | |
| CVE-2012-0861 | 6.8 |
The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, uses the -k curl parameter when downloading deployUtil.py and vds_bootstrap.py, which prevents SSL certificates from being validated and allows re
|
13-02-2023 - 00:23 | 04-01-2013 - 22:55 | |
| CVE-2012-5516 | 2.1 |
Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive informatio
|
29-08-2017 - 01:32 | 04-01-2013 - 22:55 | |
| CVE-2012-2696 | 2.7 |
The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1 does not properly check privileges, which allows remote authenticated users to query arbitrary information via a (1) SOAP or (2) GWT request.
|
29-08-2017 - 01:31 | 04-01-2013 - 22:55 | |
| CVE-2011-4316 | 3.7 |
Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in certain unspecified conditions, does not lock the desktop screen between SPICE sessions, which allows local users with access to a virtual machine to gain access to other users' deskto
|
07-01-2013 - 14:54 | 04-01-2013 - 22:55 |