Redhat

Virtualization

124 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2024-7259

  • EPSS 0.06%
  • Veröffentlicht 26.09.2024 16:15:08
  • Zuletzt bearbeitet 30.07.2025 15:46:46

A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.

5.5

CVE-2023-5366

  • EPSS 0.03%
  • Veröffentlicht 06.10.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 08:41:37

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP addre...

7.8

CVE-2023-4911

Warnung Exploit
  • EPSS 78.36%
  • Veröffentlicht 03.10.2023 18:15:10
  • Zuletzt bearbeitet 06.05.2025 21:02:34

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launch...

8.2

CVE-2023-1668

  • EPSS 0.09%
  • Veröffentlicht 10.04.2023 22:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:28

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath f...

6.5

CVE-2022-2805

  • EPSS 0.1%
  • Veröffentlicht 19.10.2022 18:15:12
  • Zuletzt bearbeitet 09.05.2025 15:15:53

A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.

8.6

CVE-2014-0144

  • EPSS 0.41%
  • Veröffentlicht 29.09.2022 03:15:11
  • Zuletzt bearbeitet 21.11.2024 02:01:28

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execut...

6.2

CVE-2014-0147

  • EPSS 0.08%
  • Veröffentlicht 29.09.2022 03:15:11
  • Zuletzt bearbeitet 21.11.2024 02:01:28

Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrect...

5.5

CVE-2014-0148

  • EPSS 0.08%
  • Veröffentlicht 29.09.2022 03:15:11
  • Zuletzt bearbeitet 21.11.2024 02:01:28

Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive othe...

8.6

CVE-2022-2132

Exploit
  • EPSS 0.69%
  • Veröffentlicht 31.08.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:00:23

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

4.7

CVE-2022-0207

  • EPSS 0.06%
  • Veröffentlicht 26.08.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:38:08

A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text.