Max CVSS | 6.8 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-10132 | 6.5 |
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock
|
12-02-2023 - 23:32 | 22-05-2019 - 18:29 | |
CVE-2019-10168 | 4.6 |
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will ex
|
15-10-2020 - 13:28 | 02-08-2019 - 13:15 | |
CVE-2019-3863 | 6.8 |
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bound
|
14-05-2019 - 21:29 | 25-03-2019 - 18:29 | |
CVE-2013-4419 | 6.8 |
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local u
|
13-12-2018 - 17:57 | 05-11-2013 - 20:55 | |
CVE-2015-8869 | 6.4 |
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
|
30-10-2018 - 16:27 | 13-06-2016 - 19:59 | |
CVE-2012-2690 | 2.1 |
virt-edit in libguestfs before 1.18.0 does not preserve the permissions from the original file and saves the new file with world-readable permissions when editing, which might allow local guest users to obtain sensitive information.
|
29-08-2017 - 01:31 | 29-06-2012 - 19:55 | |
CVE-2010-3851 | 4.7 |
libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files from the host via a crafted (1) qcow2, (2) VMDK, or
|
27-08-2011 - 03:44 | 04-11-2010 - 18:00 |