Redhat

Enterprise Virtualization

35 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2013-2152

  • EPSS 0.07%
  • Published 21.01.2014 18:55:09
  • Last modified 11.04.2025 00:51:21

Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.

7.2

CVE-2013-2151

  • EPSS 0.07%
  • Published 21.01.2014 18:55:09
  • Last modified 11.04.2025 00:51:21

Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.

5

CVE-2013-4282

Exploit
  • EPSS 1.51%
  • Published 02.11.2013 19:55:04
  • Last modified 11.04.2025 00:51:21

Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.

4.3

CVE-2013-4181

  • EPSS 0.26%
  • Published 16.09.2013 19:14:38
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers t...

7.2

CVE-2013-2176

  • EPSS 0.05%
  • Published 28.08.2013 21:55:08
  • Last modified 11.04.2025 00:51:21

Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.

2.7

CVE-2013-4236

  • EPSS 0.1%
  • Published 19.08.2013 23:55:08
  • Last modified 11.04.2025 00:51:21

VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix fo...

2.7

CVE-2013-0167

  • EPSS 0.1%
  • Published 19.08.2013 23:55:08
  • Last modified 11.04.2025 00:51:21

VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields."

10

CVE-2013-1591

Exploit
  • EPSS 1.39%
  • Published 31.01.2013 23:55:01
  • Last modified 11.04.2025 00:51:21

Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_s...

5.7

CVE-2010-2811

  • EPSS 0.33%
  • Published 24.08.2010 18:00:39
  • Last modified 11.04.2025 00:51:21

Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic.

6.6

CVE-2010-2784

  • EPSS 0.05%
  • Published 24.08.2010 18:00:39
  • Last modified 11.04.2025 00:51:21

The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for a...