Max CVSS | 7.2 | Min CVSS | 4.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-10132 | 6.5 |
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock
|
12-02-2023 - 23:32 | 22-05-2019 - 18:29 | |
CVE-2019-10161 | 7.2 |
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attac
|
25-03-2021 - 14:09 | 30-07-2019 - 23:15 | |
CVE-2019-10168 | 4.6 |
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will ex
|
15-10-2020 - 13:28 | 02-08-2019 - 13:15 | |
CVE-2019-10167 | 4.6 |
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to pro
|
15-10-2020 - 13:28 | 02-08-2019 - 13:15 | |
CVE-2019-10166 | 4.6 |
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had alre
|
15-10-2020 - 13:28 | 02-08-2019 - 13:15 | |
CVE-2019-10161 | 7.2 |
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attac
|
30-09-2020 - 14:47 | 30-07-2019 - 23:15 | |
CVE-2019-11091 | 4.7 |
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
|
24-08-2020 - 17:37 | 30-05-2019 - 16:29 | |
CVE-2018-6764 | 4.6 |
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
|
03-10-2019 - 00:03 | 23-02-2018 - 17:29 | |
CVE-2018-12130 | 4.7 |
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of im
|
11-06-2019 - 16:29 | 30-05-2019 - 16:29 | |
CVE-2018-12127 | 4.7 |
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impact
|
11-06-2019 - 16:29 | 30-05-2019 - 16:29 | |
CVE-2018-12126 | 4.7 |
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of
|
11-06-2019 - 16:29 | 30-05-2019 - 16:29 |