Max CVSS | 8.5 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-4400 | 7.2 |
virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.
|
13-02-2023 - 04:46 | 09-12-2013 - 16:36 | |
CVE-2013-4401 | 8.5 |
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted X
|
13-02-2023 - 04:46 | 02-11-2013 - 18:55 | |
CVE-2013-4291 | 6.9 |
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
|
13-02-2023 - 04:45 | 30-09-2013 - 21:55 | |
CVE-2013-0170 | 6.8 |
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (c
|
13-02-2023 - 04:38 | 08-02-2013 - 20:55 | |
CVE-2013-4296 | 4.0 |
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized po
|
13-02-2023 - 00:28 | 30-09-2013 - 21:55 | |
CVE-2013-4311 | 4.6 |
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2)
|
22-04-2019 - 17:48 | 03-10-2013 - 21:55 |