Vulnerabilites related to redhat - enterprise_virtualization
cve-2018-1111
Vulnerability from cvelistv5
Published
2018-05-17 16:00
Modified
2024-08-05 03:51
Severity ?
EPSS score ?
Summary
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:51:48.789Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2018-10", }, { name: "FEDORA-2018-5392896132", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/security/vulnerabilities/3442151", }, { name: "104195", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/104195", }, { name: "FEDORA-2018-23ca7a6798", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/", }, { name: "1040912", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040912", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", }, { name: "RHSA-2018:1454", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1454", }, { name: "RHSA-2018:1455", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1455", }, { name: "RHSA-2018:1457", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1457", }, { name: "RHSA-2018:1459", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1459", }, { name: "RHSA-2018:1453", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1453", }, { name: "FEDORA-2018-36058ed9f2", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/", }, { name: "RHSA-2018:1524", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1524", }, { name: "RHSA-2018:1456", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1456", }, { name: "RHSA-2018:1461", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1461", }, { name: "44652", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/44652/", }, { name: "44890", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/44890/", }, { name: "RHSA-2018:1458", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1458", }, { name: "RHSA-2018:1460", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1460", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "dhcp", vendor: "Red Hat", versions: [ { status: "affected", version: "Red Hat Enterprise Linux 6", }, { status: "affected", version: "Red Hat Enterprise Linux 7", }, ], }, { product: "dhcp", vendor: "Fedora", versions: [ { status: "affected", version: "Fedora 28", }, ], }, ], datePublic: "2018-05-15T00:00:00", descriptions: [ { lang: "en", value: "DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-11-30T20:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2018-10", }, { name: "FEDORA-2018-5392896132", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/security/vulnerabilities/3442151", }, { name: "104195", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/104195", }, { name: "FEDORA-2018-23ca7a6798", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/", }, { name: "1040912", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040912", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", }, { name: "RHSA-2018:1454", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1454", }, { name: "RHSA-2018:1455", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1455", }, { name: "RHSA-2018:1457", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1457", }, { name: "RHSA-2018:1459", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1459", }, { name: "RHSA-2018:1453", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1453", }, { name: "FEDORA-2018-36058ed9f2", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/", }, { name: "RHSA-2018:1524", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1524", }, { name: "RHSA-2018:1456", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1456", }, { name: "RHSA-2018:1461", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1461", }, { name: "44652", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/44652/", }, { name: "44890", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/44890/", }, { name: "RHSA-2018:1458", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1458", }, { name: "RHSA-2018:1460", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1460", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-1111", datePublished: "2018-05-17T16:00:00", dateReserved: "2017-12-04T00:00:00", dateUpdated: "2024-08-05T03:51:48.789Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4280
Vulnerability from cvelistv5
Published
2019-11-04 18:50
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
References
▼ | URL | Tags |
---|---|---|
https://security-tracker.debian.org/tracker/CVE-2013-4280 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280 | x_refsource_MISC | |
https://access.redhat.com/security/cve/cve-2013-4280 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:38:01.855Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-4280", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2013-4280", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vdsm", vendor: "RedHat", versions: [ { status: "affected", version: "through 2013-07-24", }, ], }, ], datePublic: "2013-07-24T00:00:00", descriptions: [ { lang: "en", value: "Insecure temporary file vulnerability in RedHat vsdm 4.9.6.", }, ], problemTypes: [ { descriptions: [ { description: "/tmp file vulnerability issues", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-04T18:50:52", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-4280", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/cve-2013-4280", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4280", datePublished: "2019-11-04T18:50:52", dateReserved: "2013-06-12T00:00:00", dateUpdated: "2024-08-06T16:38:01.855Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4282
Vulnerability from cvelistv5
Published
2013-11-02 19:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2013-1473.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2013-1474.html | vendor-advisory, x_refsource_REDHAT | |
http://www.debian.org/security/2014/dsa-2839 | vendor-advisory, x_refsource_DEBIAN | |
http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2 | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2013-1460.html | vendor-advisory, x_refsource_REDHAT | |
http://www.ubuntu.com/usn/USN-2027-1 | vendor-advisory, x_refsource_UBUNTU | |
http://www.securityfocus.com/bid/63408 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:38:01.900Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2013:1473", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1473.html", }, { name: "SUSE-SU-2015:0884", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html", }, { name: "RHSA-2013:1474", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1474.html", }, { name: "DSA-2839", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2839", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2", }, { name: "RHSA-2013:1460", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1460.html", }, { name: "USN-2027-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2027-1", }, { name: "63408", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/63408", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-10-29T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-30T15:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2013:1473", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1473.html", }, { name: "SUSE-SU-2015:0884", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html", }, { name: "RHSA-2013:1474", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1474.html", }, { name: "DSA-2839", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2839", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2", }, { name: "RHSA-2013:1460", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1460.html", }, { name: "USN-2027-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2027-1", }, { name: "63408", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/63408", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4282", datePublished: "2013-11-02T19:00:00", dateReserved: "2013-06-12T00:00:00", dateUpdated: "2024-08-06T16:38:01.900Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-4443
Vulnerability from cvelistv5
Published
2016-12-14 18:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/92751 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036863 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-1929.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=1335106 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:32:25.186Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "92751", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92751", }, { name: "1036863", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036863", }, { name: "RHSA-2016:1929", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1929.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335106", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-02T00:00:00", descriptions: [ { lang: "en", value: "Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-14T17:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "92751", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92751", }, { name: "1036863", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036863", }, { name: "RHSA-2016:1929", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1929.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335106", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-4443", datePublished: "2016-12-14T18:00:00", dateReserved: "2016-05-02T00:00:00", dateUpdated: "2024-08-06T00:32:25.186Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4181
Vulnerability from cvelistv5
Published
2013-09-16 19:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=988774 | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2013-1210.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:38:01.478Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=988774", }, { name: "RHSA-2013:1210", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1210.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-09-16T19:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=988774", }, { name: "RHSA-2013:1210", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1210.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4181", datePublished: "2013-09-16T19:00:00Z", dateReserved: "2013-06-12T00:00:00Z", dateUpdated: "2024-08-06T16:38:01.478Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-3456
Vulnerability from cvelistv5
Published
2015-05-13 18:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:47:57.892Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "37053", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/37053/", }, { name: "1032306", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032306", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "SUSE-SU-2015:0889", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.juniper.net/JSA10783", }, { name: "DSA-3259", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3259", }, { name: "SUSE-SU-2015:0929", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html", }, { name: "SUSE-SU-2015:0896", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html", }, { name: "GLSA-201612-27", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201612-27", }, { name: "RHSA-2015:0999", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0999.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10118", }, { name: "SUSE-SU-2015:0923", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { name: "RHSA-2015:1001", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1001.html", }, { name: "HPSBMU03336", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.citrix.com/article/CTX201078", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xenbits.xen.org/xsa/advisory-133.html", }, { name: "RHSA-2015:1003", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1003.html", }, { name: "openSUSE-SU-2015:0893", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html", }, { name: "1032917", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032917", }, { name: "HPSBMU03349", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143387998230996&w=2", }, { name: "RHSA-2015:0998", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0998.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.suse.com/security/cve/CVE-2015-3456.html", }, { name: "openSUSE-SU-2015:0894", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html", }, { name: "FEDORA-2015-8249", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa95", }, { name: "RHSA-2015:1004", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1004.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://venom.crowdstrike.com/", }, { name: "RHSA-2015:1011", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1011.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/venom", }, { name: "SUSE-SU-2015:0927", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795fedee2e824c", }, { name: "GLSA-201604-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201604-03", }, { name: "RHSA-2015:1002", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1002.html", }, { name: "USN-2608-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2608-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/", }, { name: "openSUSE-SU-2015:0983", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693", }, { name: "1032311", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032311", }, { name: "SSRT102076", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm", }, { name: "DSA-3262", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3262", }, { name: "GLSA-201602-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201602-01", }, { name: "openSUSE-SU-2015:1400", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html", }, { name: "74640", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74640", }, { name: "DSA-3274", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3274", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/articles/1444903", }, { name: "RHSA-2015:1000", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1000.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-13T00:00:00", descriptions: [ { lang: "en", value: "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-05T16:32:45", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "37053", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/37053/", }, { name: "1032306", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032306", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "SUSE-SU-2015:0889", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.juniper.net/JSA10783", }, { name: "DSA-3259", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3259", }, { name: "SUSE-SU-2015:0929", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html", }, { name: "SUSE-SU-2015:0896", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html", }, { name: "GLSA-201612-27", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201612-27", }, { name: "RHSA-2015:0999", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0999.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10118", }, { name: "SUSE-SU-2015:0923", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { name: "RHSA-2015:1001", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1001.html", }, { name: "HPSBMU03336", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.citrix.com/article/CTX201078", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xenbits.xen.org/xsa/advisory-133.html", }, { name: "RHSA-2015:1003", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1003.html", }, { name: "openSUSE-SU-2015:0893", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html", }, { name: "1032917", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032917", }, { name: "HPSBMU03349", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143387998230996&w=2", }, { name: "RHSA-2015:0998", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0998.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.suse.com/security/cve/CVE-2015-3456.html", }, { name: "openSUSE-SU-2015:0894", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html", }, { name: "FEDORA-2015-8249", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bto.bluecoat.com/security-advisory/sa95", }, { name: "RHSA-2015:1004", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1004.html", }, { tags: [ "x_refsource_MISC", ], url: "http://venom.crowdstrike.com/", }, { name: "RHSA-2015:1011", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1011.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/venom", }, { name: "SUSE-SU-2015:0927", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795fedee2e824c", }, { name: "GLSA-201604-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201604-03", }, { name: "RHSA-2015:1002", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1002.html", }, { name: "USN-2608-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2608-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/", }, { name: "openSUSE-SU-2015:0983", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693", }, { name: "1032311", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032311", }, { name: "SSRT102076", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm", }, { name: "DSA-3262", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3262", }, { name: "GLSA-201602-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201602-01", }, { name: "openSUSE-SU-2015:1400", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html", }, { name: "74640", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74640", }, { name: "DSA-3274", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3274", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/articles/1444903", }, { name: "RHSA-2015:1000", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1000.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-3456", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "37053", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/37053/", }, { name: "1032306", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032306", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "SUSE-SU-2015:0889", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html", }, { name: "https://kb.juniper.net/JSA10783", refsource: "CONFIRM", url: "https://kb.juniper.net/JSA10783", }, { name: "DSA-3259", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3259", }, { name: "SUSE-SU-2015:0929", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html", }, { name: "SUSE-SU-2015:0896", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html", }, { name: "GLSA-201612-27", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201612-27", }, { name: "RHSA-2015:0999", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0999.html", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10118", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10118", }, { name: "SUSE-SU-2015:0923", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { name: "RHSA-2015:1001", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1001.html", }, { name: "HPSBMU03336", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { name: "http://support.citrix.com/article/CTX201078", refsource: "CONFIRM", url: "http://support.citrix.com/article/CTX201078", }, { name: "http://xenbits.xen.org/xsa/advisory-133.html", refsource: "CONFIRM", url: "http://xenbits.xen.org/xsa/advisory-133.html", }, { name: "RHSA-2015:1003", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1003.html", }, { name: "openSUSE-SU-2015:0893", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html", }, { name: "1032917", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032917", }, { name: "HPSBMU03349", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143387998230996&w=2", }, { name: "RHSA-2015:0998", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0998.html", }, { name: "https://www.suse.com/security/cve/CVE-2015-3456.html", refsource: "CONFIRM", url: "https://www.suse.com/security/cve/CVE-2015-3456.html", }, { name: "openSUSE-SU-2015:0894", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html", }, { name: "FEDORA-2015-8249", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html", }, { name: "https://bto.bluecoat.com/security-advisory/sa95", refsource: "CONFIRM", url: "https://bto.bluecoat.com/security-advisory/sa95", }, { name: "RHSA-2015:1004", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1004.html", }, { name: "http://venom.crowdstrike.com/", refsource: "MISC", url: "http://venom.crowdstrike.com/", }, { name: "RHSA-2015:1011", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1011.html", }, { name: "https://support.lenovo.com/us/en/product_security/venom", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/venom", }, { name: "SUSE-SU-2015:0927", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { name: "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c", refsource: "CONFIRM", url: "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c", }, { name: "GLSA-201604-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201604-03", }, { name: "RHSA-2015:1002", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1002.html", }, { name: "USN-2608-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2608-1", }, { name: "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/", refsource: "CONFIRM", url: "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/", }, { name: "openSUSE-SU-2015:0983", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693", }, { name: "1032311", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032311", }, { name: "SSRT102076", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { name: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm", refsource: "CONFIRM", url: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm", }, { name: "DSA-3262", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3262", }, { name: "GLSA-201602-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201602-01", }, { name: "openSUSE-SU-2015:1400", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html", }, { name: "74640", refsource: "BID", url: "http://www.securityfocus.com/bid/74640", }, { name: "DSA-3274", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3274", }, { name: "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability", refsource: "CONFIRM", url: "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability", }, { name: "https://access.redhat.com/articles/1444903", refsource: "CONFIRM", url: "https://access.redhat.com/articles/1444903", }, { name: "RHSA-2015:1000", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1000.html", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-3456", datePublished: "2015-05-13T18:00:00", dateReserved: "2015-04-29T00:00:00", dateUpdated: "2024-08-06T05:47:57.892Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-5432
Vulnerability from cvelistv5
Published
2016-10-03 18:00
Modified
2024-08-06 01:01
Severity ?
EPSS score ?
Summary
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.
References
▼ | URL | Tags |
---|---|---|
https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129 | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1967.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=1371428 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/92694 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:01:00.560Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129", }, { name: "RHSA-2016:1967", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1967.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1371428", }, { name: "92694", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92694", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-28T00:00:00", descriptions: [ { lang: "en", value: "The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129", }, { name: "RHSA-2016:1967", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1967.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1371428", }, { name: "92694", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92694", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-5432", datePublished: "2016-10-03T18:00:00", dateReserved: "2016-06-10T00:00:00", dateUpdated: "2024-08-06T01:01:00.560Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-0431
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 00:45
Severity ?
EPSS score ?
Summary
QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
https://rhn.redhat.com/errata/RHSA-2010-0627.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=568809 | x_refsource_CONFIRM | |
https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:45:12.288Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2010:0627", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568809", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-08-24T17:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2010:0627", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568809", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-0431", datePublished: "2010-08-24T17:00:00Z", dateReserved: "2010-01-27T00:00:00Z", dateUpdated: "2024-08-07T00:45:12.288Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-0428
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 00:45
Severity ?
EPSS score ?
Summary
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=568699 | x_refsource_CONFIRM | |
https://rhn.redhat.com/errata/RHSA-2010-0633.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:45:12.298Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568699", }, { name: "RHSA-2010:0633", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0633.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-08-24T17:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568699", }, { name: "RHSA-2010:0633", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0633.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-0428", datePublished: "2010-08-24T17:00:00Z", dateReserved: "2010-01-27T00:00:00Z", dateUpdated: "2024-08-07T00:45:12.298Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-8167
Vulnerability from cvelistv5
Published
2019-11-13 16:11
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/security/cve/cve-2014-8167 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167 | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | vdsm and vdsclient | vdsm and vdsclient |
Version: through 2014-11-18 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:10:51.146Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2014-8167", }, { name: "Red Hat", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vdsm and vdsclient", vendor: "vdsm and vdsclient", versions: [ { status: "affected", version: "through 2014-11-18", }, ], }, ], descriptions: [ { lang: "en", value: "vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack", }, ], problemTypes: [ { descriptions: [ { description: "does not validate certficate hostname from another vdsm", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-13T16:11:45", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/cve-2014-8167", }, { name: "Red Hat", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-8167", datePublished: "2019-11-13T16:11:46", dateReserved: "2014-10-10T00:00:00", dateUpdated: "2024-08-06T13:10:51.146Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-2784
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 02:46
Severity ?
EPSS score ?
Summary
The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
https://rhn.redhat.com/errata/RHSA-2010-0627.html | vendor-advisory, x_refsource_REDHAT | |
https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=619411 | x_refsource_CONFIRM | |
http://www.spinics.net/lists/kvm/msg39173.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T02:46:48.590Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2010:0627", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=619411", }, { name: "[kvm] 20100728 [PATCH 1/2] Fix segfault in mmio subpage handling code", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.spinics.net/lists/kvm/msg39173.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-08-24T17:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2010:0627", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=619411", }, { name: "[kvm] 20100728 [PATCH 1/2] Fix segfault in mmio subpage handling code", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.spinics.net/lists/kvm/msg39173.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-2784", datePublished: "2010-08-24T17:00:00Z", dateReserved: "2010-07-22T00:00:00Z", dateUpdated: "2024-08-07T02:46:48.590Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-3404
Vulnerability from cvelistv5
Published
2014-02-10 17:00
Modified
2024-08-06 20:05
Severity ?
EPSS score ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2012-1200.html | vendor-advisory, x_refsource_REDHAT | |
https://sourceware.org/bugzilla/show_bug.cgi?id=12445 | x_refsource_CONFIRM | |
https://bugzilla.redhat.com/show_bug.cgi?id=833703 | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201503-04 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2012-1098.html | vendor-advisory, x_refsource_REDHAT | |
http://www.ubuntu.com/usn/USN-1589-1 | vendor-advisory, x_refsource_UBUNTU | |
http://www.openwall.com/lists/oss-security/2012/07/11/17 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T20:05:12.567Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2012:1200", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=12445", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=833703", }, { name: "GLSA-201503-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-04", }, { name: "RHSA-2012:1098", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { name: "USN-1589-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1589-1", }, { name: "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-02-20T00:00:00", descriptions: [ { lang: "en", value: "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2012:1200", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=12445", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=833703", }, { name: "GLSA-201503-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-04", }, { name: "RHSA-2012:1098", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { name: "USN-1589-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1589-1", }, { name: "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-3404", datePublished: "2014-02-10T17:00:00", dateReserved: "2012-06-14T00:00:00", dateUpdated: "2024-08-06T20:05:12.567Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-3405
Vulnerability from cvelistv5
Published
2014-02-10 17:00
Modified
2024-08-06 20:05
Severity ?
EPSS score ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2012-1200.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=833704 | x_refsource_CONFIRM | |
https://sourceware.org/bugzilla/show_bug.cgi?id=13446 | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201503-04 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2012-1098.html | vendor-advisory, x_refsource_REDHAT | |
http://www.ubuntu.com/usn/USN-1589-1 | vendor-advisory, x_refsource_UBUNTU | |
http://www.openwall.com/lists/oss-security/2012/07/11/17 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T20:05:12.277Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2012:1200", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=833704", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=13446", }, { name: "GLSA-201503-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-04", }, { name: "RHSA-2012:1098", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { name: "USN-1589-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1589-1", }, { name: "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-12-18T00:00:00", descriptions: [ { lang: "en", value: "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers \"desynchronization within the buffer size handling,\" a different vulnerability than CVE-2012-3404.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2012:1200", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=833704", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=13446", }, { name: "GLSA-201503-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-04", }, { name: "RHSA-2012:1098", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { name: "USN-1589-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1589-1", }, { name: "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-3405", datePublished: "2014-02-10T17:00:00", dateReserved: "2012-06-14T00:00:00", dateUpdated: "2024-08-06T20:05:12.277Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-2811
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 02:46
Severity ?
EPSS score ?
Summary
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/42580 | vdb-entry, x_refsource_BID | |
https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
https://rhn.redhat.com/errata/RHSA-2010-0628.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=622928 | x_refsource_CONFIRM | |
http://securitytracker.com/id?1024347 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T02:46:48.175Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "42580", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/42580", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { name: "RHSA-2010:0628", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0628.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=622928", }, { name: "1024347", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1024347", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-08-24T17:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "42580", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/42580", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { name: "RHSA-2010:0628", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0628.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=622928", }, { name: "1024347", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1024347", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-2811", datePublished: "2010-08-24T17:00:00Z", dateReserved: "2010-07-22T00:00:00Z", dateUpdated: "2024-08-07T02:46:48.175Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-0167
Vulnerability from cvelistv5
Published
2013-08-19 23:00
Modified
2024-08-06 14:18
Severity ?
EPSS score ?
Summary
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields."
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=893332 | x_refsource_CONFIRM | |
https://rhn.redhat.com/errata/RHSA-2013-0907.html | vendor-advisory, x_refsource_REDHAT | |
https://rhn.redhat.com/errata/RHSA-2013-0886.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:18:09.090Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=893332", }, { name: "RHSA-2013:0907", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2013-0907.html", }, { name: "RHSA-2013:0886", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2013-0886.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via guestInfo dictionaries with \"unexpected fields.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-08-19T23:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=893332", }, { name: "RHSA-2013:0907", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2013-0907.html", }, { name: "RHSA-2013:0886", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2013-0886.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-0167", datePublished: "2013-08-19T23:00:00Z", dateReserved: "2012-12-06T00:00:00Z", dateUpdated: "2024-08-06T14:18:09.090Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-2151
Vulnerability from cvelistv5
Published
2014-01-21 18:00
Modified
2024-08-06 15:27
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/60473 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2013-0925.html | vendor-advisory, x_refsource_REDHAT | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/84868 | vdb-entry, x_refsource_XF |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:27:40.953Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "60473", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/60473", }, { name: "RHSA-2013:0925", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0925.html", }, { name: "enterprise-cve20132151-priv-esc(84868)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84868", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-06-10T00:00:00", descriptions: [ { lang: "en", value: "Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "60473", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/60473", }, { name: "RHSA-2013:0925", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0925.html", }, { name: "enterprise-cve20132151-priv-esc(84868)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84868", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-2151", datePublished: "2014-01-21T18:00:00", dateReserved: "2013-02-19T00:00:00", dateUpdated: "2024-08-06T15:27:40.953Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-0429
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 00:45
Severity ?
EPSS score ?
Summary
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=568701 | x_refsource_CONFIRM | |
https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
https://rhn.redhat.com/errata/RHSA-2010-0633.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:45:12.244Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568701", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { name: "RHSA-2010:0633", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0633.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-08-24T17:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568701", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { name: "RHSA-2010:0633", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0633.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-0429", datePublished: "2010-08-24T17:00:00Z", dateReserved: "2010-01-27T00:00:00Z", dateUpdated: "2024-08-07T00:45:12.244Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1074
Vulnerability from cvelistv5
Published
2018-04-26 17:00
Modified
2024-08-05 03:51
Severity ?
EPSS score ?
Summary
ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074 | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHBA-2018:1219 | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | unspecified | ovirt-engine |
Version: ovirt-engine 4.2.2.5 Version: ovirt-engine 4.1.11.2 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:51:48.452Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074", }, { name: "RHBA-2018:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2018:1219", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ovirt-engine", vendor: "unspecified", versions: [ { status: "affected", version: "ovirt-engine 4.2.2.5", }, { status: "affected", version: " ovirt-engine 4.1.11.2", }, ], }, ], datePublic: "2018-04-26T00:00:00", descriptions: [ { lang: "en", value: "ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-04-27T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074", }, { name: "RHBA-2018:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHBA-2018:1219", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-1074", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ovirt-engine", version: { version_data: [ { version_value: "ovirt-engine 4.2.2.5", }, { version_value: " ovirt-engine 4.1.11.2", }, ], }, }, ], }, vendor_name: "", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.", }, ], }, impact: { cvss: [ [ { vectorString: "7.7/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074", }, { name: "RHBA-2018:1219", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHBA-2018:1219", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-1074", datePublished: "2018-04-26T17:00:00", dateReserved: "2017-12-04T00:00:00", dateUpdated: "2024-08-05T03:51:48.452Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-0435
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 00:52
Severity ?
EPSS score ?
Summary
The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation.
References
▼ | URL | Tags |
---|---|---|
https://rhn.redhat.com/errata/RHSA-2010-0627.html | vendor-advisory, x_refsource_REDHAT | |
http://secunia.com/advisories/42778 | third-party-advisory, x_refsource_SECUNIA | |
https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html | vendor-advisory, x_refsource_SUSE | |
https://bugzilla.redhat.com/show_bug.cgi?id=570528 | x_refsource_CONFIRM | |
http://www.vupen.com/english/advisories/2011/0012 | vdb-entry, x_refsource_VUPEN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:52:17.396Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2010:0627", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, { name: "42778", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/42778", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { name: "SUSE-SA:2011:001", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=570528", }, { name: "ADV-2011-0012", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0012", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-08-19T00:00:00", descriptions: [ { lang: "en", value: "The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2011-01-15T10:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2010:0627", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, { name: "42778", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/42778", }, { name: "RHSA-2010:0622", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { name: "SUSE-SA:2011:001", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=570528", }, { name: "ADV-2011-0012", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0012", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-0435", datePublished: "2010-08-24T17:00:00", dateReserved: "2010-01-27T00:00:00", dateUpdated: "2024-08-07T00:52:17.396Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-6338
Vulnerability from cvelistv5
Published
2017-04-20 17:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/92666 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2017:3427 | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=1369285 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:29:19.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "92666", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92666", }, { name: "RHSA-2017:3427", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:3427", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1369285", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-08-22T00:00:00", descriptions: [ { lang: "en", value: "ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-12T10:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "92666", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92666", }, { name: "RHSA-2017:3427", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:3427", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1369285", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-6338", datePublished: "2017-04-20T17:00:00", dateReserved: "2016-07-26T00:00:00", dateUpdated: "2024-08-06T01:29:19.530Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-1591
Vulnerability from cvelistv5
Published
2013-01-31 23:00
Modified
2024-08-06 15:04
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.
References
▼ | URL | Tags |
---|---|---|
http://www.palemoon.org/releasenotes-ng.shtml | x_refsource_CONFIRM | |
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077 | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2013-0687.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=910149 | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2013-0746.html | vendor-advisory, x_refsource_REDHAT | |
http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f | x_refsource_MISC | |
http://www.mandriva.com/security/advisories?name=MDVSA-2013:116 | vendor-advisory, x_refsource_MANDRIVA | |
https://support.f5.com/csp/article/K51392553 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:04:49.578Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.palemoon.org/releasenotes-ng.shtml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077", }, { name: "RHSA-2013:0687", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0687.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=910149", }, { name: "RHSA-2013:0746", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0746.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f", }, { name: "MDVSA-2013:116", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K51392553", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-01-16T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-22T12:06:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.palemoon.org/releasenotes-ng.shtml", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077", }, { name: "RHSA-2013:0687", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0687.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=910149", }, { name: "RHSA-2013:0746", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0746.html", }, { tags: [ "x_refsource_MISC", ], url: "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f", }, { name: "MDVSA-2013:116", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K51392553", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2013-1591", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.palemoon.org/releasenotes-ng.shtml", refsource: "CONFIRM", url: "http://www.palemoon.org/releasenotes-ng.shtml", }, { name: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077", refsource: "CONFIRM", url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077", }, { name: "RHSA-2013:0687", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-0687.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=910149", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=910149", }, { name: "RHSA-2013:0746", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-0746.html", }, { name: "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f", refsource: "MISC", url: "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f", }, { name: "MDVSA-2013:116", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116", }, { name: "https://support.f5.com/csp/article/K51392553", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K51392553", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2013-1591", datePublished: "2013-01-31T23:00:00", dateReserved: "2013-01-31T00:00:00", dateUpdated: "2024-08-06T15:04:49.578Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-2152
Vulnerability from cvelistv5
Published
2014-01-21 18:00
Modified
2024-08-06 15:27
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2013-0924.html | vendor-advisory, x_refsource_REDHAT | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/84866 | vdb-entry, x_refsource_XF | |
http://rhn.redhat.com/errata/RHSA-2013-0925.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/60475 | vdb-entry, x_refsource_BID | |
https://bugzilla.redhat.com/show_bug.cgi?id=971172 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:27:40.814Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2013:0924", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0924.html", }, { name: "enterprise-cve20132152-priv-esc(84866)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84866", }, { name: "RHSA-2013:0925", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0925.html", }, { name: "60475", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/60475", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=971172", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-06-10T00:00:00", descriptions: [ { lang: "en", value: "Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2013:0924", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0924.html", }, { name: "enterprise-cve20132152-priv-esc(84866)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84866", }, { name: "RHSA-2013:0925", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0925.html", }, { name: "60475", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/60475", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=971172", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-2152", datePublished: "2014-01-21T18:00:00", dateReserved: "2013-02-19T00:00:00", dateUpdated: "2024-08-06T15:27:40.814Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-2176
Vulnerability from cvelistv5
Published
2013-08-28 17:00
Modified
2024-09-16 23:10
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2013-1122.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:27:41.048Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2013:1122", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1122.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-08-28T17:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2013:1122", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1122.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-2176", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2013:1122", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-1122.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-2176", datePublished: "2013-08-28T17:00:00Z", dateReserved: "2013-02-19T00:00:00Z", dateUpdated: "2024-09-16T23:10:41.813Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-3561
Vulnerability from cvelistv5
Published
2014-12-05 16:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/99096 | vdb-entry, x_refsource_XF | |
http://www.securitytracker.com/id/1031291 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2014-1947.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:50:17.352Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "rhevm-log-collector-info-disc(99096)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/99096", }, { name: "1031291", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1031291", }, { name: "RHSA-2014:1947", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1947.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-02T00:00:00", descriptions: [ { lang: "en", value: "The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "rhevm-log-collector-info-disc(99096)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/99096", }, { name: "1031291", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1031291", }, { name: "RHSA-2014:1947", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1947.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3561", datePublished: "2014-12-05T16:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:50:17.352Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-8170
Vulnerability from cvelistv5
Published
2017-09-25 19:00
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary commands via a ; (semicolon) in an input string.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:10:50.900Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gerrit.ovirt.org/gitweb?p=ovirt-node.git%3Ba=blob%3Bf=src/ovirtnode/ovirtfunctions.py%3Bh=caef7ef019ca12b49aa3c030792538956fb4caad%3Bhb=e11e02cd9256c854dd0419515097637d6829b4f1#l1091", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1194745", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-02-20T00:00:00", descriptions: [ { lang: "en", value: "ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary commands via a ; (semicolon) in an input string.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-25T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://gerrit.ovirt.org/gitweb?p=ovirt-node.git%3Ba=blob%3Bf=src/ovirtnode/ovirtfunctions.py%3Bh=caef7ef019ca12b49aa3c030792538956fb4caad%3Bhb=e11e02cd9256c854dd0419515097637d6829b4f1#l1091", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1194745", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-8170", datePublished: "2017-09-25T19:00:00", dateReserved: "2014-10-10T00:00:00", dateUpdated: "2024-08-06T13:10:50.900Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-0179
Vulnerability from cvelistv5
Published
2014-08-03 18:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2014-0560.html | vendor-advisory, x_refsource_REDHAT | |
http://libvirt.org/news.html | x_refsource_CONFIRM | |
http://secunia.com/advisories/60895 | third-party-advisory, x_refsource_SECUNIA | |
http://security.gentoo.org/glsa/glsa-201412-04.xml | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html | vendor-advisory, x_refsource_SUSE | |
http://www.debian.org/security/2014/dsa-3038 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html | vendor-advisory, x_refsource_SUSE | |
http://www.ubuntu.com/usn/USN-2366-1 | vendor-advisory, x_refsource_UBUNTU | |
http://security.libvirt.org/2014/0003.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:05:39.165Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2014:0560", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0560.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://libvirt.org/news.html", }, { name: "60895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60895", }, { name: "GLSA-201412-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201412-04.xml", }, { name: "openSUSE-SU-2014:0674", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html", }, { name: "DSA-3038", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3038", }, { name: "openSUSE-SU-2014:0650", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html", }, { name: "USN-2366-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2366-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://security.libvirt.org/2014/0003.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-05-06T00:00:00", descriptions: [ { lang: "en", value: "libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-12-12T13:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2014:0560", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0560.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://libvirt.org/news.html", }, { name: "60895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60895", }, { name: "GLSA-201412-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201412-04.xml", }, { name: "openSUSE-SU-2014:0674", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html", }, { name: "DSA-3038", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3038", }, { name: "openSUSE-SU-2014:0650", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html", }, { name: "USN-2366-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2366-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://security.libvirt.org/2014/0003.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-0179", datePublished: "2014-08-03T18:00:00", dateReserved: "2013-12-03T00:00:00", dateUpdated: "2024-08-06T09:05:39.165Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1117
Vulnerability from cvelistv5
Published
2018-06-19 13:00
Modified
2024-08-05 03:51
Severity ?
EPSS score ?
Summary
ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/104186 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:1452 | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | [UNKNOWN] | ovirt-ansible-roles |
Version: ovirt-ansible-roles 1.0.6 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:51:48.428Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117", }, { name: "104186", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/104186", }, { name: "RHSA-2018:1452", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1452", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ovirt-ansible-roles", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "ovirt-ansible-roles 1.0.6", }, ], }, ], datePublic: "2018-05-15T00:00:00", descriptions: [ { lang: "en", value: "ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "CWE-532", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-20T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117", }, { name: "104186", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/104186", }, { name: "RHSA-2018:1452", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1452", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-1117", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ovirt-ansible-roles", version: { version_data: [ { version_value: "ovirt-ansible-roles 1.0.6", }, ], }, }, ], }, vendor_name: "[UNKNOWN]", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation.", }, ], }, impact: { cvss: [ [ { vectorString: "5.0/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-532", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117", }, { name: "104186", refsource: "BID", url: "http://www.securityfocus.com/bid/104186", }, { name: "RHSA-2018:1452", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1452", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-1117", datePublished: "2018-06-19T13:00:00", dateReserved: "2017-12-04T00:00:00", dateUpdated: "2024-08-05T03:51:48.428Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-2614
Vulnerability from cvelistv5
Published
2018-07-27 18:00
Modified
2024-08-05 14:02
Severity ?
EPSS score ?
Summary
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2017-0257.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Red Hat | ovirt-engine-extension-aaa-jdbc |
Version: 1.1.3 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:02:06.983Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:0257", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0257.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ovirt-engine-extension-aaa-jdbc", vendor: "Red Hat", versions: [ { status: "affected", version: "1.1.3", }, ], }, ], datePublic: "2018-07-27T00:00:00", descriptions: [ { lang: "en", value: "When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-28T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2017:0257", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0257.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2017-2614", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ovirt-engine-extension-aaa-jdbc", version: { version_data: [ { version_value: "1.1.3", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.", }, ], }, impact: { cvss: [ [ { vectorString: "6.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:0257", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0257.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2017-2614", datePublished: "2018-07-27T18:00:00", dateReserved: "2016-12-01T00:00:00", dateUpdated: "2024-08-05T14:02:06.983Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-5201
Vulnerability from cvelistv5
Published
2020-02-25 20:16
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1253882 | x_refsource_MISC | |
https://rhn.redhat.com/errata/RHEA-2015-2527.html | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=1273144 | x_refsource_MISC | |
https://access.redhat.com/security/cve/cve-2015-5201 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | RedHat | Enterprise Virtualization Hypervisor (aka RHEV-H) |
Version: 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:08.567Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1253882", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHEA-2015-2527.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1273144", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2015-5201", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Enterprise Virtualization Hypervisor (aka RHEV-H)", vendor: "RedHat", versions: [ { status: "affected", version: "7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0", }, ], }, ], datePublic: "2015-08-14T00:00:00", descriptions: [ { lang: "en", value: "VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "Weak Authentication", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-25T20:16:02", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1253882", }, { tags: [ "x_refsource_MISC", ], url: "https://rhn.redhat.com/errata/RHEA-2015-2527.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1273144", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/security/cve/cve-2015-5201", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5201", datePublished: "2020-02-25T20:16:02", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:08.567Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-3522
Vulnerability from cvelistv5
Published
2008-10-02 18:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T09:45:18.634Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "31470", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/31470", }, { name: "MDVSA-2009:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164", }, { name: "MDVSA-2009:144", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://bugs.gentoo.org/attachment.cgi?id=163282&action=view", }, { name: "34391", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34391", }, { name: "MDVSA-2009:142", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=222819", }, { name: "USN-742-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-742-1", }, { name: "jasper-jasstreamprintf-bo(45623)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623", }, { name: "RHSA-2015:0698", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0698.html", }, { name: "33173", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33173", }, { name: "GLSA-200812-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200812-18.xml", }, { name: "SSA:2015-302-02", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-09-29T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-07T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "31470", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/31470", }, { name: "MDVSA-2009:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164", }, { name: "MDVSA-2009:144", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144", }, { tags: [ "x_refsource_MISC", ], url: "http://bugs.gentoo.org/attachment.cgi?id=163282&action=view", }, { name: "34391", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34391", }, { name: "MDVSA-2009:142", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142", }, { tags: [ "x_refsource_MISC", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=222819", }, { name: "USN-742-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-742-1", }, { name: "jasper-jasstreamprintf-bo(45623)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623", }, { name: "RHSA-2015:0698", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0698.html", }, { name: "33173", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33173", }, { name: "GLSA-200812-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200812-18.xml", }, { name: "SSA:2015-302-02", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2008-3522", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "31470", refsource: "BID", url: "http://www.securityfocus.com/bid/31470", }, { name: "MDVSA-2009:164", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164", }, { name: "MDVSA-2009:144", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144", }, { name: "http://bugs.gentoo.org/attachment.cgi?id=163282&action=view", refsource: "MISC", url: "http://bugs.gentoo.org/attachment.cgi?id=163282&action=view", }, { name: "34391", refsource: "SECUNIA", url: "http://secunia.com/advisories/34391", }, { name: "MDVSA-2009:142", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142", }, { name: "http://bugs.gentoo.org/show_bug.cgi?id=222819", refsource: "MISC", url: "http://bugs.gentoo.org/show_bug.cgi?id=222819", }, { name: "USN-742-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-742-1", }, { name: "jasper-jasstreamprintf-bo(45623)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623", }, { name: "RHSA-2015:0698", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0698.html", }, { name: "33173", refsource: "SECUNIA", url: "http://secunia.com/advisories/33173", }, { name: "GLSA-200812-18", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200812-18.xml", }, { name: "SSA:2015-302-02", refsource: "SLACKWARE", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2008-3522", datePublished: "2008-10-02T18:00:00", dateReserved: "2008-08-07T00:00:00", dateUpdated: "2024-08-07T09:45:18.634Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-1841
Vulnerability from cvelistv5
Published
2015-09-08 15:00
Modified
2024-08-06 04:54
Severity ?
EPSS score ?
Summary
The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1033459 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2015-1713.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:54:16.320Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1033459", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033459", }, { name: "RHSA-2015:1713", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1713.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-09-03T00:00:00", descriptions: [ { lang: "en", value: "The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-09-08T14:57:02", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "1033459", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033459", }, { name: "RHSA-2015:1713", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1713.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-1841", datePublished: "2015-09-08T15:00:00", dateReserved: "2015-02-17T00:00:00", dateUpdated: "2024-08-06T04:54:16.320Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-5177
Vulnerability from cvelistv5
Published
2014-08-03 18:00
Modified
2024-08-06 11:34
Severity ?
EPSS score ?
Summary
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2014-0560.html | vendor-advisory, x_refsource_REDHAT | |
http://libvirt.org/news.html | x_refsource_CONFIRM | |
http://secunia.com/advisories/60895 | third-party-advisory, x_refsource_SECUNIA | |
http://security.gentoo.org/glsa/glsa-201412-04.xml | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html | vendor-advisory, x_refsource_SUSE | |
http://www.ubuntu.com/usn/USN-2366-1 | vendor-advisory, x_refsource_UBUNTU | |
http://security.libvirt.org/2014/0003.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T11:34:37.613Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2014:0560", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0560.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://libvirt.org/news.html", }, { name: "60895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60895", }, { name: "GLSA-201412-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201412-04.xml", }, { name: "openSUSE-SU-2014:0674", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html", }, { name: "openSUSE-SU-2014:0650", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html", }, { name: "USN-2366-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2366-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://security.libvirt.org/2014/0003.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-05-06T00:00:00", descriptions: [ { lang: "en", value: "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-12-12T13:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2014:0560", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0560.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://libvirt.org/news.html", }, { name: "60895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60895", }, { name: "GLSA-201412-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201412-04.xml", }, { name: "openSUSE-SU-2014:0674", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html", }, { name: "openSUSE-SU-2014:0650", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html", }, { name: "USN-2366-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2366-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://security.libvirt.org/2014/0003.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-5177", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2014:0560", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0560.html", }, { name: "http://libvirt.org/news.html", refsource: "CONFIRM", url: "http://libvirt.org/news.html", }, { name: "60895", refsource: "SECUNIA", url: "http://secunia.com/advisories/60895", }, { name: "GLSA-201412-04", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201412-04.xml", }, { name: "openSUSE-SU-2014:0674", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html", }, { name: "openSUSE-SU-2014:0650", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html", }, { name: "USN-2366-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2366-1", }, { name: "http://security.libvirt.org/2014/0003.html", refsource: "CONFIRM", url: "http://security.libvirt.org/2014/0003.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-5177", datePublished: "2014-08-03T18:00:00", dateReserved: "2014-08-03T00:00:00", dateUpdated: "2024-08-06T11:34:37.613Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-3559
Vulnerability from cvelistv5
Published
2014-08-06 19:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1030664 | vdb-entry, x_refsource_SECTRACK | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/95098 | vdb-entry, x_refsource_XF | |
http://rhn.redhat.com/errata/RHSA-2014-1002.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=1121925 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:50:17.841Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1030664", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1030664", }, { name: "virtualizationmanager-cve20143559-info-disc(95098)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098", }, { name: "RHSA-2014:1002", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121925", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-08-04T00:00:00", descriptions: [ { lang: "en", value: "The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "1030664", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1030664", }, { name: "virtualizationmanager-cve20143559-info-disc(95098)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098", }, { name: "RHSA-2014:1002", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121925", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3559", datePublished: "2014-08-06T19:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:50:17.841Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-3485
Vulnerability from cvelistv5
Published
2014-07-11 14:00
Modified
2024-08-06 10:43
Severity ?
EPSS score ?
Summary
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1030501 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2014-0814.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:43:06.139Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1030501", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1030501", }, { name: "RHSA-2014:0814", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0814.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-06-30T00:00:00", descriptions: [ { lang: "en", value: "The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-07-11T13:57:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "1030501", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1030501", }, { name: "RHSA-2014:0814", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0814.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3485", datePublished: "2014-07-11T14:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:43:06.139Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-3406
Vulnerability from cvelistv5
Published
2014-02-10 17:00
Modified
2024-08-06 20:05
Severity ?
EPSS score ?
Summary
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2012-1200.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=826943 | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2012-1097.html | vendor-advisory, x_refsource_REDHAT | |
https://security.gentoo.org/glsa/201503-04 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2012-1098.html | vendor-advisory, x_refsource_REDHAT | |
http://www.ubuntu.com/usn/USN-1589-1 | vendor-advisory, x_refsource_UBUNTU | |
http://rhn.redhat.com/errata/RHSA-2012-1185.html | vendor-advisory, x_refsource_REDHAT | |
http://www.openwall.com/lists/oss-security/2012/07/11/17 | mailing-list, x_refsource_MLIST | |
https://bugzilla.redhat.com/attachment.cgi?id=594722 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T20:05:12.465Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2012:1200", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=826943", }, { name: "RHSA-2012:1097", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1097.html", }, { name: "GLSA-201503-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-04", }, { name: "RHSA-2012:1098", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { name: "USN-1589-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1589-1", }, { name: "RHSA-2012:1185", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1185.html", }, { name: "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/attachment.cgi?id=594722", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-05-31T00:00:00", descriptions: [ { lang: "en", value: "The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not \"properly restrict the use of\" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2012:1200", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=826943", }, { name: "RHSA-2012:1097", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1097.html", }, { name: "GLSA-201503-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-04", }, { name: "RHSA-2012:1098", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { name: "USN-1589-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1589-1", }, { name: "RHSA-2012:1185", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1185.html", }, { name: "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/attachment.cgi?id=594722", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-3406", datePublished: "2014-02-10T17:00:00", dateReserved: "2012-06-14T00:00:00", dateUpdated: "2024-08-06T20:05:12.465Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-6310
Vulnerability from cvelistv5
Published
2017-08-22 18:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1363738 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/92345 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:29:18.286Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1363738", }, { name: "92345", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92345", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-08-03T00:00:00", descriptions: [ { lang: "en", value: "oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-22T17:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1363738", }, { name: "92345", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92345", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-6310", datePublished: "2017-08-22T18:00:00", dateReserved: "2016-07-26T00:00:00", dateUpdated: "2024-08-06T01:29:18.286Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4236
Vulnerability from cvelistv5
Published
2013-08-19 23:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167.
References
▼ | URL | Tags |
---|---|---|
http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6 | x_refsource_MISC | |
http://rhn.redhat.com/errata/RHSA-2013-1155.html | vendor-advisory, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=996166 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:38:01.690Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6", }, { name: "RHSA-2013:1155", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1155.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=996166", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-08-19T23:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6", }, { name: "RHSA-2013:1155", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1155.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=996166", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4236", datePublished: "2013-08-19T23:00:00Z", dateReserved: "2013-06-12T00:00:00Z", dateUpdated: "2024-08-06T16:38:01.690Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:12
Severity ?
Summary
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=568699 | Vendor Advisory | |
secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0622.html | Patch, Vendor Advisory | |
secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0633.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=568699 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0622.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0633.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 2.2 | |
redhat | qspice | 0.3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*", matchCriteriaId: "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:qspice:0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3EF5AC4-D35B-4E47-B720-C4B24F4BF9FC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.", }, { lang: "es", value: "libspice, tal y como se utiliza en QEMU-KVM en el Hypervisor (alias rhev-hipervisor) de Red Hat Enterprise Virtualization (RHEV) v2.2 y qspice v0.3.0, no valida correctamente los punteros a controladores QXL, lo que permite causar, a los usuarios de los sistemas operativos Huesped, una denegación de servicio (uso de puntero no válido y la caída del sistema operativo huésped) o posiblemente ganar privilegios a través de vectores no especificados.", }, ], id: "CVE-2010-0428", lastModified: "2024-11-21T01:12:11.887", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 2.7, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-24T18:00:01.537", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568699", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0633.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568699", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0633.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-09-08 15:59
Modified
2024-11-21 02:26
Severity ?
Summary
The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view.", }, { lang: "es", value: "Vulnerabilidad en la interfaz Web Admin en Red Hat Enterprise Virtualization Manager (RHEV-M), permite a usuarios locales eludir la función timeout seleccionando una VM en la vista de cuadrícula VM.", }, ], id: "CVE-2015-1841", lastModified: "2024-11-21T02:26:15.107", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 1.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-09-08T15:59:00.127", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1713.html", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1713.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033459", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-17", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-04-26 17:29
Modified
2024-11-21 03:59
Severity ?
7.7 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://access.redhat.com/errata/RHBA-2018:1219 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2018:1219 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074 | Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ovirt | ovirt | * | |
redhat | enterprise_virtualization | 4.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ovirt:ovirt:*:*:*:*:*:*:*:*", matchCriteriaId: "0476809C-082C-4850-B174-BB8614B2C9D4", versionEndIncluding: "4.1.11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "12544770-1AF9-4DD3-BC72-579DA0BC0F3E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.", }, { lang: "es", value: "La API y el portal de administración web de ovirt-engine en versiones anteriores a la 4.2.2.5 y la 4.1.11.2 es vulnerable a una exposición de credenciales de Power Management, incluyendo contraseñas en texto claro para Host Administrators. Un Host Administrator podría utilizar este fallo para obtener acceso a los sistemas de gestión de energía de los hosts que controlan.", }, ], id: "CVE-2018-1074", lastModified: "2024-11-21T03:59:07.570", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.1, impactScore: 4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-26T17:29:00.510", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2018:1219", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2018:1219", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-05-17 16:29
Modified
2024-11-21 03:59
Severity ?
7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
fedoraproject | fedora | 26 | |
fedoraproject | fedora | 27 | |
fedoraproject | fedora | 28 | |
redhat | enterprise_virtualization | 4.0 | |
redhat | enterprise_virtualization | 4.2 | |
redhat | enterprise_virtualization_host | 4.0 | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux | 6.4 | |
redhat | enterprise_linux | 6.5 | |
redhat | enterprise_linux | 6.6 | |
redhat | enterprise_linux | 6.7 | |
redhat | enterprise_linux | 7.0 | |
redhat | enterprise_linux | 7.2 | |
redhat | enterprise_linux | 7.3 | |
redhat | enterprise_linux | 7.4 | |
redhat | enterprise_linux | 7.5 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*", matchCriteriaId: "6E4D8269-B407-4C24-AAB0-02F885C7D752", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*", matchCriteriaId: "DBEACBFF-6D05-4B69-BF7A-F7E539D9BF6E", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "12544770-1AF9-4DD3-BC72-579DA0BC0F3E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:4.2:*:*:*:*:*:*:*", matchCriteriaId: "76DA389E-C042-47E1-989C-0882E12DF35B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization_host:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6B8286AD-7632-46C4-AD1E-653CABC4B95B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*", matchCriteriaId: "905EC4D0-7604-476A-8176-9FFCEB1DC6B1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*", matchCriteriaId: "564DCCFD-77BF-4FB1-A0A0-96104B154282", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*", matchCriteriaId: "467A831E-C63B-476F-A71F-8FB52556BC45", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", matchCriteriaId: "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*", matchCriteriaId: "2E4DC974-235F-4655-966F-2490A4C4E490", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*", matchCriteriaId: "B99A2411-7F6A-457F-A7BF-EB13C630F902", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", matchCriteriaId: "041F9200-4C01-4187-AE34-240E8277B54D", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", matchCriteriaId: "4EB48767-F095-444F-9E05-D9AC345AB803", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.", }, { lang: "es", value: "Los paquetes DHCP en Red Hat Enterprise Linux 6 y 7, Fedora 28 y anteriores son vulnerables a un error de inyección de comandos en el script de integración NetworkManager incluido en el cliente DHCP. Un servidor DHCP malicioso o un atacante en la red ocal capaz de suplantar respuestas DHCP podría emplear este error para ejecutar comandos arbitrarios con privilegios root en sistemas que emplean NetworkManager y se configuran para obtener la configuración de red mediante el protocolo de configuración dinámica de host (DHCP).", }, ], id: "CVE-2018-1111", lastModified: "2024-11-21T03:59:12.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-05-17T16:29:00.217", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104195", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040912", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1453", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1454", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1455", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1456", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1457", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1458", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1459", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1460", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1461", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1524", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/3442151", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111", }, { source: "secalert@redhat.com", url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/44652/", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/44890/", }, { source: "secalert@redhat.com", url: "https://www.tenable.com/security/tns-2018-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104195", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040912", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1454", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1455", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1457", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1458", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1460", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1461", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/3442151", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/44652/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/44890/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.tenable.com/security/tns-2018-10", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:17
Severity ?
Summary
The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 2.2 | |
redhat | kvm | 83 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*", matchCriteriaId: "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*", matchCriteriaId: "C9998FC2-8189-4269-BEF5-2044933ACB30", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.", }, { lang: "es", value: "La funcionalidad de inicialización de subpaginas MMIO en la función subpage_register de exec.c en QEMU-KVM, tal como se utiliza en Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y KVM 83, no selecciona adecuadamente el índice para acceder a la matriz de callback, lo que permite causar, a los usuarios del sistema operativo huésped, una denegación de servicio (caida del sistema operativo) o posiblemente obtener privilegios mediante vectores no especificados.", }, ], id: "CVE-2010-2784", lastModified: "2024-11-21T01:17:22.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 2.7, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-24T18:00:39.050", references: [ { source: "secalert@redhat.com", url: "http://www.spinics.net/lists/kvm/msg39173.html", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=619411", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.spinics.net/lists/kvm/msg39173.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=619411", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-01-21 18:55
Modified
2024-11-21 01:51
Severity ?
Summary
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*", matchCriteriaId: "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.", }, { lang: "es", value: "Vulnerabilidad de ruta de búsqueda en Windows sin comillas en el servicio SPICE, tal como se usa en Red Hat Enterprise Virtualization (RHEV) 3.2, permite a usuarios locales obtener privilegios a través de una aplicación manipulada en una carpeta sin especificar.", }, ], evaluatorComment: "Per: http://cwe.mitre.org/data/definitions/426.html\n\n\"CWE-426: Untrusted Search Path\"", id: "CVE-2013-2152", lastModified: "2024-11-21T01:51:08.677", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-01-21T18:55:09.477", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0924.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0925.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/60475", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=971172", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84866", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0924.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0925.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/60475", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=971172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84866", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-14 18:59
Modified
2024-11-21 02:52
Severity ?
Summary
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-1929.html | Mitigation, Patch, Vendor Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/92751 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id/1036863 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1335106 | Issue Tracking, VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1929.html | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92751 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036863 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1335106 | Issue Tracking, VDB Entry, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.6:*:*:*:*:*:*:*", matchCriteriaId: "5611A87C-7A9C-4F81-9162-F06FD23709FA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.", }, { lang: "es", value: "Red Hat Enterprise Virtualization (RHEV) Manager 3.6 permite a usuarios locales obtener claves de encriptación, certificados y otra información sensible mediante la lectura del archivo de inicio de sesión engine-setup.", }, ], id: "CVE-2016-4443", lastModified: "2024-11-21T02:52:12.713", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-14T18:59:01.403", references: [ { source: "secalert@redhat.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1929.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92751", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036863", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "VDB Entry", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1929.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92751", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036863", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "VDB Entry", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335106", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-11-02 19:55
Modified
2024-11-21 01:55
Severity ?
Summary
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
spice_project | spice | 0.12.0 | |
redhat | enterprise_virtualization | 3.0 | |
redhat | enterprise_linux | 5 | |
redhat | enterprise_linux | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:spice_project:spice:0.12.0:*:*:*:*:*:*:*", matchCriteriaId: "937428E5-EE31-4BBF-9774-EFB9866B58D9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", matchCriteriaId: "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.", }, { lang: "es", value: "Desbordamiento de búfer de pila en la función reds_handle_ticket en server/reds.c en SPICE 0.12.0 que permite a atacantes remotos provocar una denegación de servicio (caída) a través de una contraseña larga en un ticket de SPICE.", }, ], id: "CVE-2013-4282", lastModified: "2024-11-21T01:55:16.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-02T19:55:04.633", references: [ { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", ], url: "http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1460.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1473.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1474.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2014/dsa-2839", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/63408", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2027-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1460.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1473.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1474.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-2839", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/63408", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2027-1", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:12
Severity ?
Summary
QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=568809 | Patch, Vendor Advisory | |
secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0622.html | Vendor Advisory | |
secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0627.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=568809 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0622.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0627.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 2.2 | |
redhat | kvm | 83 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*", matchCriteriaId: "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*", matchCriteriaId: "C9998FC2-8189-4269-BEF5-2044933ACB30", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.", }, { lang: "es", value: "QEMU-KVM, tal como se utiliza en el Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y KVM 83, no valida correctamente los punteros a controladores QXL, lo que permite causar, a los usuarios del sistema operativo huésped, una denegación de servicio (uso de puntero invalido y la caída del sistema operativo huésped) o posiblemente ganar privilegios a través de vectores no especificados.", }, ], id: "CVE-2010-0431", lastModified: "2024-11-21T01:12:12.190", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 2.7, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-24T18:00:38.817", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568809", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=568809", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:17
Severity ?
Summary
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 2.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*", matchCriteriaId: "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic.", }, { lang: "es", value: "Virtual Desktop Server Manager (VDSM) en Red Hat Enterprise Virtualization (RHEV) v2.2 no acepta adecuadamente conexiones TCP para sesiones de SSL, que permite a atacantes remotos provocar una denegación de servicio (parada de demonio) a través de tráfico SSL debidamente modificado.", }, ], id: "CVE-2010-2811", lastModified: "2024-11-21T01:17:25.340", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 5.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-24T18:00:39.190", references: [ { source: "secalert@redhat.com", url: "http://securitytracker.com/id?1024347", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/42580", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=622928", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1024347", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/42580", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=622928", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0628.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:12
Severity ?
Summary
The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 2.2 | |
redhat | kvm | 83 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*", matchCriteriaId: "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*", matchCriteriaId: "C9998FC2-8189-4269-BEF5-2044933ACB30", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation.", }, { lang: "es", value: "El Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y KVM 83, cuando la extensión Intel VT-x está activada, permite causar, a los usuarios del sistema operativo huésped, una denegación de servicio (uso de puntero nulo y caida del sistema operativo anfitrión) a través de vectores relacionados con la emulación de instrucciones.", }, ], evaluatorComment: "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\r\n'NULL Pointer Dereference'", id: "CVE-2010-0435", lastModified: "2024-11-21T01:12:12.713", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 4.6, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.1, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-24T18:00:38.927", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/42778", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2011/0012", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=570528", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/42778", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0012", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=570528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0627.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-08-22 18:29
Modified
2024-11-21 02:55
Severity ?
Summary
oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.securityfocus.com/bid/92345 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1363738 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92345 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1363738 | Issue Tracking, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:*:*:*:*:*:*:*:*", matchCriteriaId: "1785CCC1-4561-4B63-BB4E-BB648CA952A9", versionEndIncluding: "3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.", }, { lang: "es", value: "oVirt Engine divulga ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD en un archivo /var/log/ovirt-engine/engine.log en RHEV en versiones anteriores a la 4.0.", }, ], id: "CVE-2016-6310", lastModified: "2024-11-21T02:55:52.750", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-08-22T18:29:00.373", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92345", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1363738", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92345", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1363738", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-08-03 18:55
Modified
2024-11-21 02:01
Severity ?
Summary
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:libvirt:0.7.5:*:*:*:*:*:*:*", matchCriteriaId: "8DCDC5B5-1DD4-4FF4-8AB4-D38F5418B873", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.7.6:*:*:*:*:*:*:*", matchCriteriaId: "0054B43A-F844-47C8-B03A-01696117B7E7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.7.7:*:*:*:*:*:*:*", matchCriteriaId: "A5C78A50-0F41-405C-9ABA-EE088D0ABE60", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.8.0:*:*:*:*:*:*:*", matchCriteriaId: "8322F4E2-0AD0-497B-871E-233C0E0F1490", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.8.1:*:*:*:*:*:*:*", matchCriteriaId: "E41CEF32-4998-41D5-B971-12E7F4E39FB9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.8.2:*:*:*:*:*:*:*", matchCriteriaId: "E43FD74C-5986-4E9E-9C4F-9891133084A7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.8.3:*:*:*:*:*:*:*", matchCriteriaId: "8D504B27-7BD0-4CB1-B8CA-76B7C537A4C3", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.8.4:*:*:*:*:*:*:*", matchCriteriaId: "CBFD9B43-52BA-4FF9-84A1-369B1A96A166", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.8.5:*:*:*:*:*:*:*", matchCriteriaId: "10EE76EF-44D3-4645-B1E7-5BCFB4CB4204", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.8.6:*:*:*:*:*:*:*", matchCriteriaId: "934215BC-33D1-453F-B49B-23B52E580214", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.8.7:*:*:*:*:*:*:*", matchCriteriaId: "F274792B-F190-4A23-A551-6B07EA4028B1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*", matchCriteriaId: "F9D67FBC-4009-4FC1-B0CF-AA3C1505C2F4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.0:*:*:*:*:*:*:*", matchCriteriaId: "E2059834-5A26-4DB9-B400-DBBE15690AAB", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.1:*:*:*:*:*:*:*", matchCriteriaId: "F2F6277D-6732-44BA-91B4-D57877E011BD", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.2:*:*:*:*:*:*:*", matchCriteriaId: "2553A171-A830-4540-8CC6-51275F72AAEB", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.3:*:*:*:*:*:*:*", matchCriteriaId: "61C2C484-7AAB-475C-A44E-6D9DCF597DD8", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.4:*:*:*:*:*:*:*", matchCriteriaId: "04A75CCF-28E1-44CC-962C-C56A4F64B370", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.5:*:*:*:*:*:*:*", matchCriteriaId: "B0E8A1AF-740A-454C-8019-B52654589603", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.6:*:*:*:*:*:*:*", matchCriteriaId: "F040825C-C457-40A1-A04C-F362289E13F7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.6.1:*:*:*:*:*:*:*", matchCriteriaId: "E04748DC-4F9F-4BC2-A3D7-EAC3B73C5A8D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.6.2:*:*:*:*:*:*:*", matchCriteriaId: "E5F45083-97C6-466F-9D67-057DDD08CFD6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.6.3:*:*:*:*:*:*:*", matchCriteriaId: "F906DC41-4724-4F81-9402-4EA3BC3F38A0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.7:*:*:*:*:*:*:*", matchCriteriaId: "3327FB7D-92DB-479F-BF1C-2565C8F1B25C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.8:*:*:*:*:*:*:*", matchCriteriaId: "48F55C0A-3E6E-4E24-81D7-F023728E486A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.9:*:*:*:*:*:*:*", matchCriteriaId: "ACB7C00E-DF4E-40AF-A503-202A2FE03D5E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.10:*:*:*:*:*:*:*", matchCriteriaId: "6AB4E8A8-2B6C-4287-937B-C67A97EAB67A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.11:*:*:*:*:*:*:*", matchCriteriaId: "53C3F149-D917-4BB6-B264-F316DD96D2B0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.11.1:*:*:*:*:*:*:*", matchCriteriaId: "10857CB9-D8B1-4EB4-8D93-E0DCC05F0C35", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.11.2:*:*:*:*:*:*:*", matchCriteriaId: "153AE3B9-F951-4AE5-9456-934E15445054", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.11.3:*:*:*:*:*:*:*", matchCriteriaId: "CEE87D15-DA60-4F89-BCFD-9CAB68111D70", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.11.4:*:*:*:*:*:*:*", matchCriteriaId: "9BD8C1F3-5920-4684-BD05-6FA88EDAB64F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.11.5:*:*:*:*:*:*:*", matchCriteriaId: "60C81865-E1DB-40DA-9BB7-CE32C9EC4561", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.11.6:*:*:*:*:*:*:*", matchCriteriaId: "C1DC7BA8-ED6D-42C2-87EC-42F85CD276C0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.11.7:*:*:*:*:*:*:*", matchCriteriaId: "0AD99520-DF9D-4012-ADDB-14468FDEFB6D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.11.8:*:*:*:*:*:*:*", matchCriteriaId: "780A2EC8-5D4B-40B0-9A5A-EDC020554D47", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.12:*:*:*:*:*:*:*", matchCriteriaId: "78C18997-7086-4BB0-8490-EDB5394951F6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.9.13:*:*:*:*:*:*:*", matchCriteriaId: "37F280ED-37E3-4AB5-9BF1-AC935D904503", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.0:*:*:*:*:*:*:*", matchCriteriaId: "0AC1F6BC-AB75-45F7-B846-D8900A0C690A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.1:*:*:*:*:*:*:*", matchCriteriaId: "97F5B122-AE6D-479F-BC46-66E3F729A7D6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.2:*:*:*:*:*:*:*", matchCriteriaId: "3C433B92-DE77-4B44-BE9D-98449FC7BF1B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.2.1:*:*:*:*:*:*:*", matchCriteriaId: "28132532-C0C7-4EAE-ADAE-3ADA58AE2EC0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3DA73633-136A-422F-AF77-2C29224C6981", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.2.3:*:*:*:*:*:*:*", matchCriteriaId: "6310759E-ADFB-4DF4-8D10-4DDC42D29AE2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.2.4:*:*:*:*:*:*:*", matchCriteriaId: "7E2B1536-6671-4508-BC7D-6F11408B3CF0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.2.5:*:*:*:*:*:*:*", matchCriteriaId: "AA7D7BAB-A2EC-4DD9-A7B8-D5806CD5F306", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.2.6:*:*:*:*:*:*:*", matchCriteriaId: "94E85C10-0192-46B4-828D-52BAE6A6F69C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.2.7:*:*:*:*:*:*:*", matchCriteriaId: "52AF89AC-A906-479F-85AA-E9D47A83778F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:0.10.2.8:*:*:*:*:*:*:*", matchCriteriaId: "D60D834F-926B-416B-AB66-FCD7981DDCF1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E13A6AAE-BC1B-4CE1-B747-84F9C6B3FF73", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6DDA1805-ED8A-44AA-96FF-E676D278CCFD", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "BBD82EEA-279F-42CA-8F4C-A4D57EEBAB0D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "320C2182-DBCF-4564-940A-D12673C73543", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EB635DBE-29F1-4055-A064-42539FC811C4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "67B77F63-C9AC-42D4-B9E2-4BBE196AC254", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.1:*:*:*:*:*:*:*", matchCriteriaId: "3256288E-5A49-4DCD-AE30-6B4E21AEF970", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.2:*:*:*:*:*:*:*", matchCriteriaId: "25E764AE-3B7C-4378-97C5-10E835511684", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.3:*:*:*:*:*:*:*", matchCriteriaId: "49FEFFA5-371E-4B1D-AAAE-C71AEB79A4AF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.4:*:*:*:*:*:*:*", matchCriteriaId: "F982F65C-CBF9-4EE6-8FD6-C965141E42C9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.5:*:*:*:*:*:*:*", matchCriteriaId: "F4BF8152-79A4-48C6-88EB-9D3FA7466844", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.6:*:*:*:*:*:*:*", matchCriteriaId: "A9E4DCDE-4D85-4339-99CB-70A464FA2EE9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "E03AF346-6F4E-4BEA-B29E-9C9C04148843", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "54FAE380-0E7E-4468-A07B-5A9A3504F681", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "FB4B1021-4D01-4D86-AED4-0418F8839FD6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "380686BB-7212-4285-BA00-B8EEAC6E1CC9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "7A331072-326A-4E72-84E2-E0424E6DDE30", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "CB1666DD-AC49-477A-921C-8197F5EFECA6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "527B9236-CA4E-42A8-8C7A-2FB92BE2B4B9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "FA9572AC-1D6D-4AA1-AEF0-CB9143F38215", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6B6D6F-6CD3-43C3-B1EC-18DEC89DFDA6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "BF21D58D-6952-4C72-94C3-32421499AFCE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "83403472-4883-4914-846A-3C3E912C5573", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.", }, { lang: "es", value: "libvirt 0.7.5 hasta 1.2.x anterior a 1.2.5 permite a usuarios locales causar una denegación de servicio (bloqueo de lectura y cuelgue) a través de un documento XML manipulado que contiene una declaración de entidad externa XML en conjunto con una referencia de entidad en el método (1) virConnectCompareCPU o (2) virConnectBaselineCPU API, relacionado con un problema de entidad externa XML (XXE). NOTA: este problema fue dividido (SPLIT) por ADT3 debido a las diferentes versiones afectadas de algunos vectores. CVE-2014-5177 se utiliza para otros métodos API.", }, ], id: "CVE-2014-0179", lastModified: "2024-11-21T02:01:34.333", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-08-03T18:55:05.630", references: [ { source: "secalert@redhat.com", url: "http://libvirt.org/news.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0560.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/60895", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-201412-04.xml", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.libvirt.org/2014/0003.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2014/dsa-3038", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2366-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://libvirt.org/news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0560.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60895", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201412-04.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.libvirt.org/2014/0003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-3038", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2366-1", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:12
Severity ?
Summary
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 2.2 | |
redhat | qspice | 0.3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*", matchCriteriaId: "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:qspice:0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3EF5AC4-D35B-4E47-B720-C4B24F4BF9FC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.", }, { lang: "es", value: "libspice, tal y como se utiliza en QEMU-KVM en el Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y qspice v0.3.0, no restringe adecuadamanete las direcciones sobre las que las acciones de gestion de memoria son llevadas a cabo, lo que permite causar, a los usuarios del sistema operativo Huesped, una denegación de servicio (caida del sistema operativo Huesped) o posiblemente obtener privilegios mediante vectores no especificados.", }, ], id: "CVE-2010-0429", lastModified: "2024-11-21T01:12:11.983", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 2.7, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-24T18:00:23.190", references: [ { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=568701", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0633.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=568701", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0633.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-10 18:15
Modified
2024-11-21 01:40
Severity ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
gnu | glibc | 2.12 | |
redhat | enterprise_virtualization | 3.0 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 11.04 | |
canonical | ubuntu_linux | 11.10 | |
canonical | ubuntu_linux | 12.04 | |
redhat | enterprise_linux | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*", matchCriteriaId: "18F57529-10DF-447A-8C53-DD4B1C2AA21E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*", matchCriteriaId: "D6DFE2D3-46E2-4D0C-8508-30307D654560", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", matchCriteriaId: "7118F616-25CA-4E34-AA13-4D14BB62419F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", matchCriteriaId: "EF49D26F-142E-468B-87C1-BABEA445255C", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", matchCriteriaId: "E4174F4F-149E-41A6-BBCC-D01114C05F38", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", matchCriteriaId: "F5D324C4-97C7-49D3-A809-9EAD4B690C69", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.", }, { lang: "es", value: "La función vfprintf en stdio-common/vfprintf.c en libc en GNU C Library (también conocido como glibc) 2.12 y otras versiones no calcula correctamente una longitud de buffer, lo que permite a atacantes dependientes de contexto evadir el mecanismo de protección de cadenas de formato FORTIFY_SOURCE y causar una denegación de servicio (corrupción de pila y caída) a través de una cadena de formato que utiliza parámetros posicionales y muchos especificadores de formato.", }, ], id: "CVE-2012-3404", lastModified: "2024-11-21T01:40:48.117", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-02-10T18:15:10.013", references: [ { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-1589-1", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=833703", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201503-04", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=12445", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-1589-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=833703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=12445", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-12-05 16:59
Modified
2024-11-21 02:08
Severity ?
Summary
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.4:*:*:*:*:*:*:*", matchCriteriaId: "FDA49BAA-D188-4F05-9AE8-E5A736EE1267", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.", }, { lang: "es", value: "El paquete rhevm-log-collector en Red Hat Enterprise Virtualization 3.4 utiliza la contraseña de la base de datos PostgreSQL en la línea de comandos cuando llama a sosreport, lo que permite a usuarios locales obtener información sensible mediante el listado de los procesos.", }, ], id: "CVE-2014-3561", lastModified: "2024-11-21T02:08:22.497", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-12-05T16:59:02.970", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1947.html", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1031291", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/99096", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1947.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1031291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/99096", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-27 18:29
Modified
2024-11-21 03:23
Severity ?
6.8 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Summary
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2017-0257.html | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2017-0257.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614 | Issue Tracking, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 4.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "12544770-1AF9-4DD3-BC72-579DA0BC0F3E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.", }, { lang: "es", value: "Cuando se actualiza una contraseña en la base de datos rhvm, las herramientas de ovirt-aaaa-jdbc-tool en versiones anteriores a la 1.1.3 no verifican correctamente si la contraseña actual ha caducado. Esto permitiría el acceso a un atacante con acceso para cambiar la contraseña en cuentas con contraseñas caducadas, obteniendo acceso a esas cuentas.", }, ], id: "CVE-2017-2614", lastModified: "2024-11-21T03:23:50.067", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 2.5, impactScore: 3.7, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 2, impactScore: 3.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-27T18:29:00.687", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0257.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0257.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-640", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-08-06 19:55
Modified
2024-11-21 02:08
Severity ?
Summary
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.4:*:*:*:*:*:*:*", matchCriteriaId: "FDA49BAA-D188-4F05-9AE8-E5A736EE1267", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.", }, { lang: "es", value: "El backend de almacenaje oVirt en Red Hat Enterprise Virtualization 3.4 no borra instantáneas de la memoria cuando elimina una VM, incluso cuando borrar después de eliminar (wipe-after-delete o WAD) está configurado para el disco de la VM, lo que permite a usuarios remotos autenticados con ciertas credenciales leer porciones de la memoria eliminada de la VM y obtener información sensible a través de un volumen de almacenaje no inicializado.", }, ], id: "CVE-2014-3559", lastModified: "2024-11-21T02:08:22.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-08-06T19:55:03.727", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1002.html", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1030664", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121925", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1030664", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121925", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-20 17:59
Modified
2024-11-21 02:55
Severity ?
Summary
ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.securityfocus.com/bid/92666 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:3427 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1369285 | Exploit, Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92666 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3427 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1369285 | Exploit, Issue Tracking |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 4.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "12544770-1AF9-4DD3-BC72-579DA0BC0F3E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.", }, { lang: "es", value: "ovirt-engine-webadmin, como se utiliza en Red Hat Enterprise Virtualization Manager (también conocido como RHEV-M) para Servers y RHEV-M 4.0, permite a los atacantes físicamente próximos eludir una restricción de tiempo de espera de la sesión webadmin a través de vectores relacionados con las selecciones de interfaz de usuario, que desencadenan las consultas repetidas.", }, ], id: "CVE-2016-6338", lastModified: "2024-11-21T02:55:55.877", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-20T17:59:00.960", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92666", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2017:3427", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1369285", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92666", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:3427", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1369285", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-08-19 23:55
Modified
2024-11-21 01:55
Severity ?
Summary
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.0 | |
redhat | enterprise_virtualization | 3.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*", matchCriteriaId: "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167.", }, { lang: "es", value: "VDSM en Red Hat Enterprise Virtualization 3 y 3.2, permite a a usuarios con provilegios en la máquina \"invitada\" provocar que el host no \"esté disponible para el servidor de gestión\" a través de carácteres XML no válidos en una respuesta. NOTA: esta cuestión es debido a una solución incompleta del CVE-2013-0167.", }, ], id: "CVE-2013-4236", lastModified: "2024-11-21T01:55:11.260", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 2.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-08-19T23:55:08.930", references: [ { source: "secalert@redhat.com", url: "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1155.html", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=996166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1155.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=996166", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-01-21 18:55
Modified
2024-11-21 01:51
Severity ?
Summary
Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.0 | |
redhat | enterprise_virtualization | 3.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*", matchCriteriaId: "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.", }, { lang: "es", value: "Vulnerabilidad de ruta de búsqueda en Windows sin comillas de Red Hat Enterprise Virtualization (RHEV) 3 y 3.2 permite a usuarios locales obtener privilegios a través de una aplicación manipulada en una carpeta sin especificar.", }, ], evaluatorComment: "Per: http://cwe.mitre.org/data/definitions/426.html\n\n\"CWE-426: Untrusted Search Path\"", id: "CVE-2013-2151", lastModified: "2024-11-21T01:51:08.577", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-01-21T18:55:09.443", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0925.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/60473", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84868", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0925.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/60473", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84868", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-08-28 21:55
Modified
2024-11-21 01:51
Severity ?
Summary
Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-1122.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1122.html | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.0 | |
redhat | enterprise_virtualization | 3.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*", matchCriteriaId: "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.", }, { lang: "es", value: "Vulnerabilidad de búsqueda de ruta sin entrecomillar en Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) en el paquete hev-guest-tools-iso 3.2, permite a usuarios locales elevar sus privilegios a través de una aplicación del tipo \"troyano\".", }, ], id: "CVE-2013-2176", lastModified: "2024-11-21T01:51:11.430", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-08-28T21:55:08.473", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1122.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1122.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-04 19:15
Modified
2024-11-21 01:55
Severity ?
Summary
Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://access.redhat.com/security/cve/cve-2013-4280 | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280 | Exploit, Issue Tracking, Vendor Advisory | |
secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2013-4280 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2013-4280 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280 | Exploit, Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2013-4280 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | virtual_desktop_server_manager | 4.9.6 | |
redhat | enterprise_virtualization | 3.0 | |
redhat | storage | 2.0 | |
redhat | storage | 2.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtual_desktop_server_manager:4.9.6:*:*:*:*:*:*:*", matchCriteriaId: "F21C36C5-57E9-4E70-9528-C18EE12EC237", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:*", matchCriteriaId: "52B90A04-DD6D-4AE7-A0E5-6B381127D507", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*", matchCriteriaId: "53C986BD-2D1F-4865-B16D-72FD875E3776", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insecure temporary file vulnerability in RedHat vsdm 4.9.6.", }, { lang: "es", value: "Vulnerabilidad de archivo temporal no seguro en RedHat vsdm versión 4.9.6.", }, ], id: "CVE-2013-4280", lastModified: "2024-11-21T01:55:16.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-04T19:15:10.303", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/cve-2013-4280", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-4280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/cve-2013-4280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-4280", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-668", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-07-11 14:55
Modified
2024-11-21 02:08
Severity ?
Summary
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.4:*:*:*:*:*:*:*", matchCriteriaId: "FDA49BAA-D188-4F05-9AE8-E5A736EE1267", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.", }, { lang: "es", value: "REST API en ovirt-engine en oVirt, utilizado en Red Hat Enterprise Virtualization (rhevm) 3.4, permite a usuarios remotos autenticados leer ficheros arbitrarios y tener otro impacto no especificado a través de vectores desconocidos, relacionado con un problema de entidad externa XML External Entity (XXE).", }, ], id: "CVE-2014-3485", lastModified: "2024-11-21T02:08:12.623", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-07-11T14:55:03.680", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0814.html", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1030501", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0814.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1030501", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-20 01:29
Modified
2024-11-21 03:59
Severity ?
5.0 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.securityfocus.com/bid/104186 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:1452 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104186 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1452 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117 | Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ovirt | ovirt-ansible-roles | * | |
redhat | enterprise_virtualization | 4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ovirt:ovirt-ansible-roles:*:*:*:*:*:*:*:*", matchCriteriaId: "BF5372E6-6BF7-46A4-A649-94DFEB390B02", versionEndExcluding: "1.0.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_virtualization:4.1:*:*:*:*:*:*:*", matchCriteriaId: "02A9AA55-B4CC-4606-A23E-BD7C0E6B78B9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation.", }, { lang: "es", value: "ovirt-ansible-roles en versiones anteriores a la 1.0.6 tiene una vulnerabilidad debido a la falta de la directiva no_log, lo que resulta en que el procedimiento \"Add oVirt Provider to ManageIQ/CloudForms\" revela accidentalmente contraseñas de administrador en el registro de aprovisionamiento. En un entorno en el que se comparten registros con otras partes, esto podría conducir a un escalado de privilegios.", }, ], id: "CVE-2018-1117", lastModified: "2024-11-21T03:59:13.053", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-20T01:29:02.243", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104186", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1452", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104186", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1452", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-05-13 18:59
Modified
2024-11-21 02:29
Severity ?
Summary
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
qemu | qemu | * | |
redhat | enterprise_virtualization | 3.0 | |
redhat | openstack | 4.0 | |
redhat | openstack | 5.0 | |
redhat | openstack | 6.0 | |
redhat | openstack | 7.0 | |
redhat | enterprise_linux | 5 | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux | 7.0 | |
xen | xen | 4.5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", matchCriteriaId: "ABF17A18-4BE8-41B7-B50C-F4A137B3B2F1", versionEndIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*", matchCriteriaId: "1802FDB8-C919-4D5E-A8AD-4C5B72525090", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B152EDF3-3140-4343-802F-F4F1C329F5C3", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*", matchCriteriaId: "31EC146C-A6F6-4C0D-AF87-685286262DAA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*", matchCriteriaId: "9DAA72A4-AC7D-4544-89D4-5B07961D5A95", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", matchCriteriaId: "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*", matchCriteriaId: "90CCECD0-C0F9-45A8-8699-64428637EBCA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.", }, { lang: "es", value: "Floppy Disk Controller (FDC) en QEMU, utilizado en Xen 4.5.x y anteriores y KVM, permite a usuarios locales invitados causar una denegación de servicio (escritura fuera de rango y caída del invitado) o posiblemente ejecutar código arbitrario a través de (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, u otros comandos sin especificar, también conocido como VENOM.", }, ], evaluatorComment: "Though the VENOM vulnerability is also agnostic of the guest operating system, an attacker (or an attacker’s malware) would need to have administrative or root privileges in the guest operating system in order to exploit VENOM", id: "CVE-2015-3456", lastModified: "2024-11-21T02:29:27.637", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 7.7, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-05-13T18:59:00.157", references: [ { source: "cve@mitre.org", url: "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795fedee2e824c", }, { source: "cve@mitre.org", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=143387998230996&w=2", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-0998.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-0999.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1000.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1001.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1002.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1003.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1004.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1011.html", }, { source: "cve@mitre.org", url: "http://support.citrix.com/article/CTX201078", }, { source: "cve@mitre.org", url: "http://venom.crowdstrike.com/", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3259", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3262", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3274", }, { source: "cve@mitre.org", url: "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74640", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032306", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032311", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032917", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2608-1", }, { source: "cve@mitre.org", url: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm", }, { source: "cve@mitre.org", url: "http://xenbits.xen.org/xsa/advisory-133.html", }, { source: "cve@mitre.org", url: "https://access.redhat.com/articles/1444903", }, { source: "cve@mitre.org", url: "https://bto.bluecoat.com/security-advisory/sa95", }, { source: "cve@mitre.org", url: "https://kb.juniper.net/JSA10783", }, { source: "cve@mitre.org", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10118", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201602-01", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201604-03", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201612-27", }, { source: "cve@mitre.org", url: "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/", }, { source: "cve@mitre.org", url: "https://support.lenovo.com/us/en/product_security/venom", }, { source: "cve@mitre.org", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10", }, { source: "cve@mitre.org", url: "https://www.exploit-db.com/exploits/37053/", }, { source: "cve@mitre.org", url: "https://www.suse.com/security/cve/CVE-2015-3456.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795fedee2e824c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=143229451215900&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=143387998230996&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-0998.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-0999.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.citrix.com/article/CTX201078", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://venom.crowdstrike.com/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3259", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3262", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3274", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032306", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032311", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032917", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2608-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://xenbits.xen.org/xsa/advisory-133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/articles/1444903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bto.bluecoat.com/security-advisory/sa95", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kb.juniper.net/JSA10783", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10118", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201602-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201604-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201612-27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/venom", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/37053/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.suse.com/security/cve/CVE-2015-3456.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-13 17:15
Modified
2024-11-21 02:18
Severity ?
Summary
vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://access.redhat.com/security/cve/cve-2014-8167 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2014-8167 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167 | Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.0 | |
redhat | vdsclient | - | |
redhat | virtual_desktop_server_manager | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:vdsclient:-:*:*:*:*:*:*:*", matchCriteriaId: "92087AB4-2268-4863-ABD8-1B96C0D116A9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtual_desktop_server_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "A12291A0-97EA-4F4F-8444-397DB8899108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack", }, { lang: "es", value: "vdsm y vdsclient no comprueban la certificación del nombre de host desde otro vdsm, lo que podría facilitar un ataque de tipo man-in-the-middle.", }, ], id: "CVE-2014-8167", lastModified: "2024-11-21T02:18:41.930", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-13T17:15:13.617", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2014-8167", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2014-8167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-10 18:15
Modified
2024-11-21 01:40
Severity ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
gnu | glibc | 2.14 | |
redhat | enterprise_virtualization | 3.0 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 11.04 | |
canonical | ubuntu_linux | 11.10 | |
canonical | ubuntu_linux | 12.04 | |
redhat | enterprise_linux | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*", matchCriteriaId: "BFD5D113-EF53-4690-92AC-B6E54D70AA9B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*", matchCriteriaId: "D6DFE2D3-46E2-4D0C-8508-30307D654560", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", matchCriteriaId: "7118F616-25CA-4E34-AA13-4D14BB62419F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", matchCriteriaId: "EF49D26F-142E-468B-87C1-BABEA445255C", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", matchCriteriaId: "E4174F4F-149E-41A6-BBCC-D01114C05F38", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", matchCriteriaId: "F5D324C4-97C7-49D3-A809-9EAD4B690C69", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers \"desynchronization within the buffer size handling,\" a different vulnerability than CVE-2012-3404.", }, { lang: "es", value: "La función vfprintf en stdio-common/vfprintf.c en libc en GNU C Library (también conocido como glibc) 2.14 y otras versiones no calcula correctamente una longitud de buffer, lo que permite a atacantes dependientes de contexto evadir el mecanismo de protección de cadenas de formato FORTIFY_SOURCE y causar una denegación de servicio (fallo de segmentación y caída) a través de una cadena de formato con un gran número de especificadores de formato que provoca \"desincronización dentro del manejo del tamaño de buffer,\" una vulnerabilidad deferente a CVE-2012-3404.", }, ], id: "CVE-2012-3405", lastModified: "2024-11-21T01:40:48.247", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-02-10T18:15:10.073", references: [ { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-1589-1", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=833704", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201503-04", }, { source: "secalert@redhat.com", url: "https://sourceware.org/bugzilla/show_bug.cgi?id=13446", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-1589-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=833704", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://sourceware.org/bugzilla/show_bug.cgi?id=13446", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-10 18:15
Modified
2024-11-21 01:40
Severity ?
Summary
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
gnu | glibc | 2.5 | |
gnu | glibc | 2.12 | |
redhat | enterprise_virtualization | 3.0 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 11.04 | |
canonical | ubuntu_linux | 11.10 | |
canonical | ubuntu_linux | 12.04 | |
redhat | enterprise_linux | 5 | |
redhat | enterprise_linux | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*", matchCriteriaId: "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*", matchCriteriaId: "18F57529-10DF-447A-8C53-DD4B1C2AA21E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*", matchCriteriaId: "D6DFE2D3-46E2-4D0C-8508-30307D654560", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", matchCriteriaId: "7118F616-25CA-4E34-AA13-4D14BB62419F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", matchCriteriaId: "EF49D26F-142E-468B-87C1-BABEA445255C", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", matchCriteriaId: "E4174F4F-149E-41A6-BBCC-D01114C05F38", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", matchCriteriaId: "F5D324C4-97C7-49D3-A809-9EAD4B690C69", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", matchCriteriaId: "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not \"properly restrict the use of\" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.", }, { lang: "es", value: "La función vfprintf en stdio-common/vfprintf.c en GNU C Library (también conocido como glibc) 2.5, 2.12 y probablemente otras versiones no \"restringe debidamente el uso de\" la función alloca cuando asigna el array SPECS, lo que permite a atacantes dependientes de contexto evadir el mecanismo de protección de cadenas de formato FORTIFY_SOURCE y causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una cadena de formato manipulada mediante el uso de parámetros posicionales y un gran número de especificadores de formato, una vulnerabilidad diferente a CVE-2012-3404 y CVE-2012-3405.", }, ], id: "CVE-2012-3406", lastModified: "2024-11-21T01:40:48.370", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-02-10T18:15:10.120", references: [ { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2012-1097.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2012-1185.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-1589-1", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/attachment.cgi?id=594722", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=826943", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201503-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2012-1097.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2012-1098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2012-1185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2012-1200.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2012/07/11/17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-1589-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/attachment.cgi?id=594722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=826943", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-04", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-01-31 23:55
Modified
2024-11-21 01:49
Severity ?
Summary
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.0 | |
redhat | enterprise_linux | 6.0 | |
palemoon | pale_moon | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:palemoon:pale_moon:*:*:*:*:*:*:*:*", matchCriteriaId: "DC382A9A-521E-4EF7-8EAC-F262B26E4170", versionEndExcluding: "15.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.", }, { lang: "es", value: "Desbordamiento de búfer basado en pila en libpixman, utilizado en Pale Moon anterior a 15.4, tiene un impacto y vectores de ataque no especificados.", }, ], evaluatorComment: "Adding additional products per \n\nhttp://rhn.redhat.com/errata/RHSA-2013-0687.html\n\nRed Hat Enterprise Linux 6\n\nhttp://rhn.redhat.com/errata/RHSA-2013-0746.html\n\nRed Hat Enterprise Virtualization 3", id: "CVE-2013-1591", lastModified: "2024-11-21T01:49:56.713", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2013-01-31T23:55:01.037", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", ], url: "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0687.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0746.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.palemoon.org/releasenotes-ng.shtml", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=910149", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K51392553", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", ], url: "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0687.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0746.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.palemoon.org/releasenotes-ng.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=910149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K51392553", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-26 01:29
Modified
2024-11-21 02:18
Severity ?
Summary
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary commands via a ; (semicolon) in an input string.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ovirt | ovirt-node | 3.0.0-474-gb852fd7 | |
redhat | enterprise_virtualization | 3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ovirt:ovirt-node:3.0.0-474-gb852fd7:*:*:*:*:*:*:*", matchCriteriaId: "387E2048-91CC-4384-8572-5FB948B9BAD4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary commands via a ; (semicolon) in an input string.", }, { lang: "es", value: "ovirt_safe_delete_config en ovirtfunctions.py y otras localizaciones sin especificar en ovirt-node 3.0.0-474-gb852fd7 tal y como se incluye en Red Hat Enterprise Virtualization 3 no emplea comillas correctamente en las cadenas de entrada, lo que permite que los usuarios autenticados y atacantes cercanos físicamente puedan ejecutar comandos arbitrarios mediante un \";\" (punto y coma) en una cadena de ayuda.", }, ], id: "CVE-2014-8170", lastModified: "2024-11-21T02:18:42.257", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-26T01:29:00.320", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1194745", }, { source: "secalert@redhat.com", url: "https://gerrit.ovirt.org/gitweb?p=ovirt-node.git%3Ba=blob%3Bf=src/ovirtnode/ovirtfunctions.py%3Bh=caef7ef019ca12b49aa3c030792538956fb4caad%3Bhb=e11e02cd9256c854dd0419515097637d6829b4f1#l1091", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1194745", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://gerrit.ovirt.org/gitweb?p=ovirt-node.git%3Ba=blob%3Bf=src/ovirtnode/ovirtfunctions.py%3Bh=caef7ef019ca12b49aa3c030792538956fb4caad%3Bhb=e11e02cd9256c854dd0419515097637d6829b4f1#l1091", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-03 18:59
Modified
2024-11-21 02:54
Severity ?
Summary
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 4.0 | |
redhat | enterprise_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "12544770-1AF9-4DD3-BC72-579DA0BC0F3E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.", }, { lang: "es", value: "La utilidad ovirt-engine-provisiondb en Red Hat Enterprise Virtualization (RHEV) Engine 4.0 permite a usuarios locales obtener información sensible del aprovisionamiento de la base de datos leyendo los archivos de registro.", }, ], id: "CVE-2016-5432", lastModified: "2024-11-21T02:54:18.063", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-03T18:59:07.677", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1967.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/92694", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1371428", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1967.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/92694", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1371428", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2008-10-02 18:18
Modified
2024-11-21 00:49
Severity ?
Summary
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.5 | |
jasper_project | jasper | 1.900.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.5:*:*:*:*:*:*:*", matchCriteriaId: "AB7C9732-1E89-4EE1-B603-291A79B227C1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*", matchCriteriaId: "79C699BE-8585-4A07-88AE-E17CF17D92CD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.", }, { lang: "es", value: "Desbordamiento de búfer en la función jas_stream_printf de libjasper/base/jas_stream.c en JasPer v1.900.1 puede permitir a atacantes dependientes de contexto tener un impacto desconocido a través de vectores relacionados con la función mif_hdr_put y la utilización de vsprintf.", }, ], id: "CVE-2008-3522", lastModified: "2024-11-21T00:49:27.300", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-10-02T18:18:05.790", references: [ { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "http://bugs.gentoo.org/attachment.cgi?id=163282&action=view", }, { source: "secalert@redhat.com", url: "http://bugs.gentoo.org/show_bug.cgi?id=222819", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-0698.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/33173", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/34391", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-200812-18.xml", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/31470", }, { source: "secalert@redhat.com", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-742-1", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://bugs.gentoo.org/attachment.cgi?id=163282&action=view", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://bugs.gentoo.org/show_bug.cgi?id=222819", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-0698.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/33173", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34391", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200812-18.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/31470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-742-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-09-16 19:14
Modified
2024-11-21 01:55
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.0 | |
redhat | enterprise_virtualization | 3.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*", matchCriteriaId: "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", }, { lang: "es", value: "Vulnerabilidad XSS en la función addAlert en RedirectServlet servlet en oVirt Engine y Red Hat Enterprise Virtualization Manager (RHEV-M), utilizado en Red Hat Enterprise Virtualization 3 y 3.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados.", }, ], id: "CVE-2013-4181", lastModified: "2024-11-21T01:55:04.630", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-09-16T19:14:38.817", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1210.html", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=988774", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1210.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=988774", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-08-03 18:55
Modified
2024-11-21 02:11
Severity ?
Summary
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.0 | |
opensuse | opensuse | 12.3 | |
opensuse | opensuse | 13.1 | |
redhat | enterprise_linux | 6.0 | |
redhat | libvirt | 1.0.0 | |
redhat | libvirt | 1.0.1 | |
redhat | libvirt | 1.0.2 | |
redhat | libvirt | 1.0.3 | |
redhat | libvirt | 1.0.4 | |
redhat | libvirt | 1.0.5 | |
redhat | libvirt | 1.0.5.1 | |
redhat | libvirt | 1.0.5.2 | |
redhat | libvirt | 1.0.5.3 | |
redhat | libvirt | 1.0.5.4 | |
redhat | libvirt | 1.0.5.5 | |
redhat | libvirt | 1.0.5.6 | |
redhat | libvirt | 1.0.6 | |
redhat | libvirt | 1.1.0 | |
redhat | libvirt | 1.1.1 | |
redhat | libvirt | 1.1.2 | |
redhat | libvirt | 1.1.3 | |
redhat | libvirt | 1.1.4 | |
redhat | libvirt | 1.2.0 | |
redhat | libvirt | 1.2.1 | |
redhat | libvirt | 1.2.2 | |
redhat | libvirt | 1.2.3 | |
redhat | libvirt | 1.2.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:libvirt:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E13A6AAE-BC1B-4CE1-B747-84F9C6B3FF73", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6DDA1805-ED8A-44AA-96FF-E676D278CCFD", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "BBD82EEA-279F-42CA-8F4C-A4D57EEBAB0D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "320C2182-DBCF-4564-940A-D12673C73543", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EB635DBE-29F1-4055-A064-42539FC811C4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "67B77F63-C9AC-42D4-B9E2-4BBE196AC254", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.1:*:*:*:*:*:*:*", matchCriteriaId: "3256288E-5A49-4DCD-AE30-6B4E21AEF970", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.2:*:*:*:*:*:*:*", matchCriteriaId: "25E764AE-3B7C-4378-97C5-10E835511684", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.3:*:*:*:*:*:*:*", matchCriteriaId: "49FEFFA5-371E-4B1D-AAAE-C71AEB79A4AF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.4:*:*:*:*:*:*:*", matchCriteriaId: "F982F65C-CBF9-4EE6-8FD6-C965141E42C9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.5:*:*:*:*:*:*:*", matchCriteriaId: "F4BF8152-79A4-48C6-88EB-9D3FA7466844", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.5.6:*:*:*:*:*:*:*", matchCriteriaId: "A9E4DCDE-4D85-4339-99CB-70A464FA2EE9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "E03AF346-6F4E-4BEA-B29E-9C9C04148843", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "54FAE380-0E7E-4468-A07B-5A9A3504F681", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "FB4B1021-4D01-4D86-AED4-0418F8839FD6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "380686BB-7212-4285-BA00-B8EEAC6E1CC9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "7A331072-326A-4E72-84E2-E0424E6DDE30", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "CB1666DD-AC49-477A-921C-8197F5EFECA6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "527B9236-CA4E-42A8-8C7A-2FB92BE2B4B9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "FA9572AC-1D6D-4AA1-AEF0-CB9143F38215", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6B6D6F-6CD3-43C3-B1EC-18DEC89DFDA6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "BF21D58D-6952-4C72-94C3-32421499AFCE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "83403472-4883-4914-846A-3C3E912C5573", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors.", }, { lang: "es", value: "libvirt 1.0.0 hasta 1.2.x anterior a 1.2.5, cuando el control de acceso detallado está habilitado, permite a usuarios locales leer ficheros arbitrarios a través de un documento XML manipulado que contiene una declaración de entidad externa XML en conjunto con una referencia de entidad en el método API (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU o (19) virConnectBaselineCPU, relacionado con un problema de entidad externa XML (XXE). NOTA: este problema ha sido dividido (SPLIT) del CVE-2014-0179 por ADT3 debido a las diferentes versiones afectadas de algunos vectores.", }, ], id: "CVE-2014-5177", lastModified: "2024-11-21T02:11:33.197", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.2, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:H/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 1.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-08-03T18:55:05.693", references: [ { source: "cve@mitre.org", url: "http://libvirt.org/news.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2014-0560.html", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/60895", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-201412-04.xml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.libvirt.org/2014/0003.html", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2366-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://libvirt.org/news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2014-0560.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60895", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201412-04.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.libvirt.org/2014/0003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2366-1", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-25 21:15
Modified
2024-11-21 02:32
Severity ?
Summary
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://access.redhat.com/security/cve/cve-2015-5201 | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1253882 | Issue Tracking, Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1273144 | Issue Tracking, Vendor Advisory | |
secalert@redhat.com | https://rhn.redhat.com/errata/RHEA-2015-2527.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2015-5201 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1253882 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1273144 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHEA-2015-2527.html | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | * | |
redhat | enterprise_virtualization_hypervisor | * | |
redhat | enterprise_virtualization_hypervisor | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:*:*:*:*:*:*:*:*", matchCriteriaId: "E448B3E1-42A5-48E3-9F6E-A5C4FAC7C3C2", versionEndExcluding: "3.5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization_hypervisor:*:*:*:*:*:*:*:*", matchCriteriaId: "DE31D534-0B91-48EA-BEFB-4C23BB7FA348", versionEndExcluding: "6-6.7-20151117.0", versionStartIncluding: "6-6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization_hypervisor:*:*:*:*:*:*:*:*", matchCriteriaId: "EDAA94DE-A71F-4FFA-8DE8-453B249D3F19", versionEndExcluding: "7-7.2-20151119.0", versionStartIncluding: "7-7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.", }, { lang: "es", value: "VDSM y libvirt en Red Hat Enterprise Virtualization Hypervisor (también se conoce como RHEV-H) versiones 7-7.x anteriores a 7-7.2-20151119.0 y versiones 6-6.x anteriores a 6-6.7-20151117.0, como es paquetizado en Red Hat Enterprise Virtualization versiones anteriores a 3.5.6, cuando VSDM se ejecuta con -spice disable-ticketing y una VM es suspendida y luego restaurada, permite a atacantes remotos iniciar sesión sin autenticación por medio de vectores no especificados.", }, ], id: "CVE-2015-5201", lastModified: "2024-11-21T02:32:32.893", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-25T21:15:10.750", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/cve-2015-5201", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1253882", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1273144", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHEA-2015-2527.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/cve-2015-5201", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1253882", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1273144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHEA-2015-2527.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-08-19 23:55
Modified
2024-11-21 01:46
Severity ?
Summary
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_virtualization | 3.0 | |
redhat | enterprise_virtualization | 3.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", matchCriteriaId: "105130E9-D48E-4FB8-A715-E6438EC7E744", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*", matchCriteriaId: "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via guestInfo dictionaries with \"unexpected fields.\"", }, { lang: "es", value: "VDSM en Red Hat Enterprise Virtualization 3 y 3.2, permite a usuarios invitados con privilegios provocar que la maquina anfitriona \"no esté disponible para el servidor de gestión\" a través de diccionarios \"guestInfo\" con \"campos inesperados\".", }, ], id: "CVE-2013-0167", lastModified: "2024-11-21T01:46:58.917", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 2.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-08-19T23:55:08.197", references: [ { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=893332", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2013-0886.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2013-0907.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=893332", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2013-0886.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2013-0907.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }