All the vulnerabilites related to redhat - enterprise_virtualization
cve-2015-1841
Vulnerability from cvelistv5
Published
2015-09-08 15:00
Modified
2024-08-06 04:54
Severity ?
EPSS score ?
Summary
The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1033459 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2015-1713.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1033459",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033459"
},
{
"name": "RHSA-2015:1713",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1713.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-09-08T14:57:02",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1033459",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033459"
},
{
"name": "RHSA-2015:1713",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1713.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-1841",
"datePublished": "2015-09-08T15:00:00",
"dateReserved": "2015-02-17T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3456
Vulnerability from cvelistv5
Published
2015-05-13 18:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:57.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37053",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37053/"
},
{
"name": "1032306",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032306"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "SUSE-SU-2015:0889",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10783"
},
{
"name": "DSA-3259",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3259"
},
{
"name": "SUSE-SU-2015:0929",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html"
},
{
"name": "SUSE-SU-2015:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html"
},
{
"name": "GLSA-201612-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-27"
},
{
"name": "RHSA-2015:0999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0999.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10118"
},
{
"name": "SUSE-SU-2015:0923",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"name": "RHSA-2015:1001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1001.html"
},
{
"name": "HPSBMU03336",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX201078"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-133.html"
},
{
"name": "RHSA-2015:1003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1003.html"
},
{
"name": "openSUSE-SU-2015:0893",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html"
},
{
"name": "1032917",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032917"
},
{
"name": "HPSBMU03349",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143387998230996\u0026w=2"
},
{
"name": "RHSA-2015:0998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0998.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2015-3456.html"
},
{
"name": "openSUSE-SU-2015:0894",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html"
},
{
"name": "FEDORA-2015-8249",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa95"
},
{
"name": "RHSA-2015:1004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://venom.crowdstrike.com/"
},
{
"name": "RHSA-2015:1011",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1011.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/venom"
},
{
"name": "SUSE-SU-2015:0927",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795fedee2e824c"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "RHSA-2015:1002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1002.html"
},
{
"name": "USN-2608-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2608-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/"
},
{
"name": "openSUSE-SU-2015:0983",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10693"
},
{
"name": "1032311",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032311"
},
{
"name": "SSRT102076",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm"
},
{
"name": "DSA-3262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3262"
},
{
"name": "GLSA-201602-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-01"
},
{
"name": "openSUSE-SU-2015:1400",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html"
},
{
"name": "74640",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74640"
},
{
"name": "DSA-3274",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/articles/1444903"
},
{
"name": "RHSA-2015:1000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-05T16:32:45",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "37053",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/37053/"
},
{
"name": "1032306",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032306"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "SUSE-SU-2015:0889",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10783"
},
{
"name": "DSA-3259",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3259"
},
{
"name": "SUSE-SU-2015:0929",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html"
},
{
"name": "SUSE-SU-2015:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html"
},
{
"name": "GLSA-201612-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-27"
},
{
"name": "RHSA-2015:0999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0999.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10118"
},
{
"name": "SUSE-SU-2015:0923",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"name": "RHSA-2015:1001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1001.html"
},
{
"name": "HPSBMU03336",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX201078"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-133.html"
},
{
"name": "RHSA-2015:1003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1003.html"
},
{
"name": "openSUSE-SU-2015:0893",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html"
},
{
"name": "1032917",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032917"
},
{
"name": "HPSBMU03349",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143387998230996\u0026w=2"
},
{
"name": "RHSA-2015:0998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0998.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/security/cve/CVE-2015-3456.html"
},
{
"name": "openSUSE-SU-2015:0894",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html"
},
{
"name": "FEDORA-2015-8249",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa95"
},
{
"name": "RHSA-2015:1004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://venom.crowdstrike.com/"
},
{
"name": "RHSA-2015:1011",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1011.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/venom"
},
{
"name": "SUSE-SU-2015:0927",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795fedee2e824c"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "RHSA-2015:1002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1002.html"
},
{
"name": "USN-2608-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2608-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/"
},
{
"name": "openSUSE-SU-2015:0983",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10693"
},
{
"name": "1032311",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032311"
},
{
"name": "SSRT102076",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm"
},
{
"name": "DSA-3262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3262"
},
{
"name": "GLSA-201602-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-01"
},
{
"name": "openSUSE-SU-2015:1400",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html"
},
{
"name": "74640",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74640"
},
{
"name": "DSA-3274",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/articles/1444903"
},
{
"name": "RHSA-2015:1000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37053",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37053/"
},
{
"name": "1032306",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032306"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "SUSE-SU-2015:0889",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html"
},
{
"name": "https://kb.juniper.net/JSA10783",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10783"
},
{
"name": "DSA-3259",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3259"
},
{
"name": "SUSE-SU-2015:0929",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html"
},
{
"name": "SUSE-SU-2015:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html"
},
{
"name": "GLSA-201612-27",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-27"
},
{
"name": "RHSA-2015:0999",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0999.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10118",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10118"
},
{
"name": "SUSE-SU-2015:0923",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"name": "RHSA-2015:1001",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1001.html"
},
{
"name": "HPSBMU03336",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"name": "http://support.citrix.com/article/CTX201078",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX201078"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-133.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-133.html"
},
{
"name": "RHSA-2015:1003",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1003.html"
},
{
"name": "openSUSE-SU-2015:0893",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html"
},
{
"name": "1032917",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032917"
},
{
"name": "HPSBMU03349",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=143387998230996\u0026w=2"
},
{
"name": "RHSA-2015:0998",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0998.html"
},
{
"name": "https://www.suse.com/security/cve/CVE-2015-3456.html",
"refsource": "CONFIRM",
"url": "https://www.suse.com/security/cve/CVE-2015-3456.html"
},
{
"name": "openSUSE-SU-2015:0894",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html"
},
{
"name": "FEDORA-2015-8249",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa95",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa95"
},
{
"name": "RHSA-2015:1004",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1004.html"
},
{
"name": "http://venom.crowdstrike.com/",
"refsource": "MISC",
"url": "http://venom.crowdstrike.com/"
},
{
"name": "RHSA-2015:1011",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1011.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/venom",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/venom"
},
{
"name": "SUSE-SU-2015:0927",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"name": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c",
"refsource": "CONFIRM",
"url": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "RHSA-2015:1002",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1002.html"
},
{
"name": "USN-2608-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2608-1"
},
{
"name": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/",
"refsource": "CONFIRM",
"url": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/"
},
{
"name": "openSUSE-SU-2015:0983",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10693",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10693"
},
{
"name": "1032311",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032311"
},
{
"name": "SSRT102076",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm"
},
{
"name": "DSA-3262",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3262"
},
{
"name": "GLSA-201602-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-01"
},
{
"name": "openSUSE-SU-2015:1400",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html"
},
{
"name": "74640",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74640"
},
{
"name": "DSA-3274",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3274"
},
{
"name": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability"
},
{
"name": "https://access.redhat.com/articles/1444903",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/articles/1444903"
},
{
"name": "RHSA-2015:1000",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1000.html"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3456",
"datePublished": "2015-05-13T18:00:00",
"dateReserved": "2015-04-29T00:00:00",
"dateUpdated": "2024-08-06T05:47:57.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2811
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 02:46
Severity ?
EPSS score ?
Summary
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/42580 | vdb-entry, x_refsource_BID | |
| https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
| https://rhn.redhat.com/errata/RHSA-2010-0628.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=622928 | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1024347 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42580",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42580"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"name": "RHSA-2010:0628",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622928"
},
{
"name": "1024347",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024347"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-24T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42580",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42580"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"name": "RHSA-2010:0628",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622928"
},
{
"name": "1024347",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024347"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2811",
"datePublished": "2010-08-24T17:00:00Z",
"dateReserved": "2010-07-22T00:00:00Z",
"dateUpdated": "2024-08-07T02:46:48.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2152
Vulnerability from cvelistv5
Published
2014-01-21 18:00
Modified
2024-08-06 15:27
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-0924.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/84866 | vdb-entry, x_refsource_XF | |
| http://rhn.redhat.com/errata/RHSA-2013-0925.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/60475 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/show_bug.cgi?id=971172 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:40.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:0924",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0924.html"
},
{
"name": "enterprise-cve20132152-priv-esc(84866)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84866"
},
{
"name": "RHSA-2013:0925",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0925.html"
},
{
"name": "60475",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60475"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=971172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:0924",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0924.html"
},
{
"name": "enterprise-cve20132152-priv-esc(84866)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84866"
},
{
"name": "RHSA-2013:0925",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0925.html"
},
{
"name": "60475",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60475"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=971172"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2152",
"datePublished": "2014-01-21T18:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:40.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3404
Vulnerability from cvelistv5
Published
2014-02-10 17:00
Modified
2024-08-06 20:05
Severity ?
EPSS score ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1200.html | vendor-advisory, x_refsource_REDHAT | |
| https://sourceware.org/bugzilla/show_bug.cgi?id=12445 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=833703 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201503-04 | vendor-advisory, x_refsource_GENTOO | |
| http://rhn.redhat.com/errata/RHSA-2012-1098.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.ubuntu.com/usn/USN-1589-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.openwall.com/lists/oss-security/2012/07/11/17 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=12445"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833703"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=12445"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833703"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3404",
"datePublished": "2014-02-10T17:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2176
Vulnerability from cvelistv5
Published
2013-08-28 17:00
Modified
2024-09-16 23:10
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-1122.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1122",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1122.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-28T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:1122",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1122.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1122",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1122.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2176",
"datePublished": "2013-08-28T17:00:00Z",
"dateReserved": "2013-02-19T00:00:00Z",
"dateUpdated": "2024-09-16T23:10:41.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0435
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 00:52
Severity ?
EPSS score ?
Summary
The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://rhn.redhat.com/errata/RHSA-2010-0627.html | vendor-advisory, x_refsource_REDHAT | |
| http://secunia.com/advisories/42778 | third-party-advisory, x_refsource_SECUNIA | |
| https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html | vendor-advisory, x_refsource_SUSE | |
| https://bugzilla.redhat.com/show_bug.cgi?id=570528 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2011/0012 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:17.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2010:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
},
{
"name": "42778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42778"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"name": "SUSE-SA:2011:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=570528"
},
{
"name": "ADV-2011-0012",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-01-15T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2010:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
},
{
"name": "42778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42778"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"name": "SUSE-SA:2011:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=570528"
},
{
"name": "ADV-2011-0012",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0012"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0435",
"datePublished": "2010-08-24T17:00:00",
"dateReserved": "2010-01-27T00:00:00",
"dateUpdated": "2024-08-07T00:52:17.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-8170
Vulnerability from cvelistv5
Published
2017-09-25 19:00
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary commands via a ; (semicolon) in an input string.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:50.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.ovirt.org/gitweb?p=ovirt-node.git%3Ba=blob%3Bf=src/ovirtnode/ovirtfunctions.py%3Bh=caef7ef019ca12b49aa3c030792538956fb4caad%3Bhb=e11e02cd9256c854dd0419515097637d6829b4f1#l1091"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194745"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary commands via a ; (semicolon) in an input string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-25T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.ovirt.org/gitweb?p=ovirt-node.git%3Ba=blob%3Bf=src/ovirtnode/ovirtfunctions.py%3Bh=caef7ef019ca12b49aa3c030792538956fb4caad%3Bhb=e11e02cd9256c854dd0419515097637d6829b4f1#l1091"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194745"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-8170",
"datePublished": "2017-09-25T19:00:00",
"dateReserved": "2014-10-10T00:00:00",
"dateUpdated": "2024-08-06T13:10:50.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-5177
Vulnerability from cvelistv5
Published
2014-08-03 18:00
Modified
2024-08-06 11:34
Severity ?
EPSS score ?
Summary
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2014-0560.html | vendor-advisory, x_refsource_REDHAT | |
| http://libvirt.org/news.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/60895 | third-party-advisory, x_refsource_SECUNIA | |
| http://security.gentoo.org/glsa/glsa-201412-04.xml | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html | vendor-advisory, x_refsource_SUSE | |
| http://www.ubuntu.com/usn/USN-2366-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://security.libvirt.org/2014/0003.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0560",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://libvirt.org/news.html"
},
{
"name": "60895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60895"
},
{
"name": "GLSA-201412-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "openSUSE-SU-2014:0674",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"name": "openSUSE-SU-2014:0650",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"name": "USN-2366-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2366-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.libvirt.org/2014/0003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-12T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2014:0560",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://libvirt.org/news.html"
},
{
"name": "60895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60895"
},
{
"name": "GLSA-201412-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "openSUSE-SU-2014:0674",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"name": "openSUSE-SU-2014:0650",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"name": "USN-2366-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2366-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.libvirt.org/2014/0003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0560",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"name": "http://libvirt.org/news.html",
"refsource": "CONFIRM",
"url": "http://libvirt.org/news.html"
},
{
"name": "60895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60895"
},
{
"name": "GLSA-201412-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "openSUSE-SU-2014:0674",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"name": "openSUSE-SU-2014:0650",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"name": "USN-2366-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2366-1"
},
{
"name": "http://security.libvirt.org/2014/0003.html",
"refsource": "CONFIRM",
"url": "http://security.libvirt.org/2014/0003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5177",
"datePublished": "2014-08-03T18:00:00",
"dateReserved": "2014-08-03T00:00:00",
"dateUpdated": "2024-08-06T11:34:37.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-8167
Vulnerability from cvelistv5
Published
2019-11-13 16:11
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/security/cve/cve-2014-8167 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167 | vendor-advisory, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | vdsm and vdsclient | vdsm and vdsclient |
Version: through 2014-11-18 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:51.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2014-8167"
},
{
"name": "Red Hat",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vdsm and vdsclient",
"vendor": "vdsm and vdsclient",
"versions": [
{
"status": "affected",
"version": "through 2014-11-18"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "does not validate certficate hostname from another vdsm",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-13T16:11:45",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2014-8167"
},
{
"name": "Red Hat",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-8167",
"datePublished": "2019-11-13T16:11:46",
"dateReserved": "2014-10-10T00:00:00",
"dateUpdated": "2024-08-06T13:10:51.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6310
Vulnerability from cvelistv5
Published
2017-08-22 18:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1363738 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/92345 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:18.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1363738"
},
{
"name": "92345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92345"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-22T17:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1363738"
},
{
"name": "92345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92345"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-6310",
"datePublished": "2017-08-22T18:00:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:18.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3406
Vulnerability from cvelistv5
Published
2014-02-10 17:00
Modified
2024-08-06 20:05
Severity ?
EPSS score ?
Summary
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1200.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=826943 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2012-1097.html | vendor-advisory, x_refsource_REDHAT | |
| https://security.gentoo.org/glsa/201503-04 | vendor-advisory, x_refsource_GENTOO | |
| http://rhn.redhat.com/errata/RHSA-2012-1098.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.ubuntu.com/usn/USN-1589-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://rhn.redhat.com/errata/RHSA-2012-1185.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2012/07/11/17 | mailing-list, x_refsource_MLIST | |
| https://bugzilla.redhat.com/attachment.cgi?id=594722 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826943"
},
{
"name": "RHSA-2012:1097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1097.html"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "RHSA-2012:1185",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1185.html"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/attachment.cgi?id=594722"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not \"properly restrict the use of\" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826943"
},
{
"name": "RHSA-2012:1097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1097.html"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "RHSA-2012:1185",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1185.html"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/attachment.cgi?id=594722"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3406",
"datePublished": "2014-02-10T17:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4236
Vulnerability from cvelistv5
Published
2013-08-19 23:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167.
References
| ▼ | URL | Tags |
|---|---|---|
| http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6 | x_refsource_MISC | |
| http://rhn.redhat.com/errata/RHSA-2013-1155.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=996166 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6"
},
{
"name": "RHSA-2013:1155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1155.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=996166"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-19T23:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6"
},
{
"name": "RHSA-2013:1155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1155.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=996166"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4236",
"datePublished": "2013-08-19T23:00:00Z",
"dateReserved": "2013-06-12T00:00:00Z",
"dateUpdated": "2024-08-06T16:38:01.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3485
Vulnerability from cvelistv5
Published
2014-07-11 14:00
Modified
2024-08-06 10:43
Severity ?
EPSS score ?
Summary
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1030501 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2014-0814.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:06.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030501",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030501"
},
{
"name": "RHSA-2014:0814",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0814.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-11T13:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1030501",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030501"
},
{
"name": "RHSA-2014:0814",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0814.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3485",
"datePublished": "2014-07-11T14:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:43:06.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1111
Vulnerability from cvelistv5
Published
2018-05-17 16:00
Modified
2024-08-05 03:51
Severity ?
EPSS score ?
Summary
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:48.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2018-10"
},
{
"name": "FEDORA-2018-5392896132",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/3442151"
},
{
"name": "104195",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104195"
},
{
"name": "FEDORA-2018-23ca7a6798",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/"
},
{
"name": "1040912",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1454"
},
{
"name": "RHSA-2018:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1455"
},
{
"name": "RHSA-2018:1457",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1457"
},
{
"name": "RHSA-2018:1459",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1459"
},
{
"name": "RHSA-2018:1453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1453"
},
{
"name": "FEDORA-2018-36058ed9f2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/"
},
{
"name": "RHSA-2018:1524",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1524"
},
{
"name": "RHSA-2018:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1456"
},
{
"name": "RHSA-2018:1461",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1461"
},
{
"name": "44652",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44652/"
},
{
"name": "44890",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44890/"
},
{
"name": "RHSA-2018:1458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1458"
},
{
"name": "RHSA-2018:1460",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1460"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "dhcp",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "Red Hat Enterprise Linux 6"
},
{
"status": "affected",
"version": "Red Hat Enterprise Linux 7"
}
]
},
{
"product": "dhcp",
"vendor": "Fedora",
"versions": [
{
"status": "affected",
"version": "Fedora 28"
}
]
}
],
"datePublic": "2018-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-30T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2018-10"
},
{
"name": "FEDORA-2018-5392896132",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/3442151"
},
{
"name": "104195",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104195"
},
{
"name": "FEDORA-2018-23ca7a6798",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/"
},
{
"name": "1040912",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1454"
},
{
"name": "RHSA-2018:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1455"
},
{
"name": "RHSA-2018:1457",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1457"
},
{
"name": "RHSA-2018:1459",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1459"
},
{
"name": "RHSA-2018:1453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1453"
},
{
"name": "FEDORA-2018-36058ed9f2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/"
},
{
"name": "RHSA-2018:1524",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1524"
},
{
"name": "RHSA-2018:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1456"
},
{
"name": "RHSA-2018:1461",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1461"
},
{
"name": "44652",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44652/"
},
{
"name": "44890",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44890/"
},
{
"name": "RHSA-2018:1458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1458"
},
{
"name": "RHSA-2018:1460",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1460"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-1111",
"datePublished": "2018-05-17T16:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T03:51:48.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3522
Vulnerability from cvelistv5
Published
2008-10-02 18:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31470",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31470"
},
{
"name": "MDVSA-2009:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164"
},
{
"name": "MDVSA-2009:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/attachment.cgi?id=163282\u0026action=view"
},
{
"name": "34391",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34391"
},
{
"name": "MDVSA-2009:142",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=222819"
},
{
"name": "USN-742-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-742-1"
},
{
"name": "jasper-jasstreamprintf-bo(45623)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623"
},
{
"name": "RHSA-2015:0698",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
},
{
"name": "33173",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33173"
},
{
"name": "GLSA-200812-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200812-18.xml"
},
{
"name": "SSA:2015-302-02",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2015\u0026m=slackware-security.538606"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "31470",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31470"
},
{
"name": "MDVSA-2009:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164"
},
{
"name": "MDVSA-2009:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/attachment.cgi?id=163282\u0026action=view"
},
{
"name": "34391",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34391"
},
{
"name": "MDVSA-2009:142",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=222819"
},
{
"name": "USN-742-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-742-1"
},
{
"name": "jasper-jasstreamprintf-bo(45623)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623"
},
{
"name": "RHSA-2015:0698",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
},
{
"name": "33173",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33173"
},
{
"name": "GLSA-200812-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200812-18.xml"
},
{
"name": "SSA:2015-302-02",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2015\u0026m=slackware-security.538606"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-3522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31470",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31470"
},
{
"name": "MDVSA-2009:164",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164"
},
{
"name": "MDVSA-2009:144",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144"
},
{
"name": "http://bugs.gentoo.org/attachment.cgi?id=163282\u0026action=view",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/attachment.cgi?id=163282\u0026action=view"
},
{
"name": "34391",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34391"
},
{
"name": "MDVSA-2009:142",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=222819",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=222819"
},
{
"name": "USN-742-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-742-1"
},
{
"name": "jasper-jasstreamprintf-bo(45623)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623"
},
{
"name": "RHSA-2015:0698",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
},
{
"name": "33173",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33173"
},
{
"name": "GLSA-200812-18",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200812-18.xml"
},
{
"name": "SSA:2015-302-02",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2015\u0026m=slackware-security.538606"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-3522",
"datePublished": "2008-10-02T18:00:00",
"dateReserved": "2008-08-07T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1117
Vulnerability from cvelistv5
Published
2018-06-19 13:00
Modified
2024-08-05 03:51
Severity ?
EPSS score ?
Summary
ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104186 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2018:1452 | vendor-advisory, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | [UNKNOWN] | ovirt-ansible-roles |
Version: ovirt-ansible-roles 1.0.6 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:48.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117"
},
{
"name": "104186",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104186"
},
{
"name": "RHSA-2018:1452",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1452"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ovirt-ansible-roles",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "ovirt-ansible-roles 1.0.6"
}
]
}
],
"datePublic": "2018-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the \u0027Add oVirt Provider to ManageIQ/CloudForms\u0027 playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117"
},
{
"name": "104186",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104186"
},
{
"name": "RHSA-2018:1452",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1452"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-1117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ovirt-ansible-roles",
"version": {
"version_data": [
{
"version_value": "ovirt-ansible-roles 1.0.6"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the \u0027Add oVirt Provider to ManageIQ/CloudForms\u0027 playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.0/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117"
},
{
"name": "104186",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104186"
},
{
"name": "RHSA-2018:1452",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1452"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-1117",
"datePublished": "2018-06-19T13:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T03:51:48.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0431
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 00:45
Severity ?
EPSS score ?
Summary
QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://rhn.redhat.com/errata/RHSA-2010-0627.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=568809 | x_refsource_CONFIRM | |
| https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2010:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568809"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-24T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2010:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568809"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0431",
"datePublished": "2010-08-24T17:00:00Z",
"dateReserved": "2010-01-27T00:00:00Z",
"dateUpdated": "2024-08-07T00:45:12.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6338
Vulnerability from cvelistv5
Published
2017-04-20 17:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/92666 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2017:3427 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1369285 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:19.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92666",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92666"
},
{
"name": "RHSA-2017:3427",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3427"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369285"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-12T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "92666",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92666"
},
{
"name": "RHSA-2017:3427",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3427"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369285"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-6338",
"datePublished": "2017-04-20T17:00:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:19.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-2614
Vulnerability from cvelistv5
Published
2018-07-27 18:00
Modified
2024-08-05 14:02
Severity ?
EPSS score ?
Summary
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2017-0257.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Red Hat | ovirt-engine-extension-aaa-jdbc |
Version: 1.1.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:06.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0257",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0257.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ovirt-engine-extension-aaa-jdbc",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "1.1.3"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:0257",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0257.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ovirt-engine-extension-aaa-jdbc",
"version": {
"version_data": [
{
"version_value": "1.1.3"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "6.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0257",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0257.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2614",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:06.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0428
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 00:45
Severity ?
EPSS score ?
Summary
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=568699 | x_refsource_CONFIRM | |
| https://rhn.redhat.com/errata/RHSA-2010-0633.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568699"
},
{
"name": "RHSA-2010:0633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0633.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-24T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568699"
},
{
"name": "RHSA-2010:0633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0633.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0428",
"datePublished": "2010-08-24T17:00:00Z",
"dateReserved": "2010-01-27T00:00:00Z",
"dateUpdated": "2024-08-07T00:45:12.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4181
Vulnerability from cvelistv5
Published
2013-09-16 19:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=988774 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2013-1210.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988774"
},
{
"name": "RHSA-2013:1210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1210.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-16T19:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988774"
},
{
"name": "RHSA-2013:1210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1210.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4181",
"datePublished": "2013-09-16T19:00:00Z",
"dateReserved": "2013-06-12T00:00:00Z",
"dateUpdated": "2024-08-06T16:38:01.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2151
Vulnerability from cvelistv5
Published
2014-01-21 18:00
Modified
2024-08-06 15:27
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/60473 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2013-0925.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/84868 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:40.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60473",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60473"
},
{
"name": "RHSA-2013:0925",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0925.html"
},
{
"name": "enterprise-cve20132151-priv-esc(84868)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84868"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "60473",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60473"
},
{
"name": "RHSA-2013:0925",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0925.html"
},
{
"name": "enterprise-cve20132151-priv-esc(84868)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84868"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2151",
"datePublished": "2014-01-21T18:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:40.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5432
Vulnerability from cvelistv5
Published
2016-10-03 18:00
Modified
2024-08-06 01:01
Severity ?
EPSS score ?
Summary
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-1967.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1371428 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/92694 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:01:00.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129"
},
{
"name": "RHSA-2016:1967",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1967.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1371428"
},
{
"name": "92694",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92694"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129"
},
{
"name": "RHSA-2016:1967",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1967.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1371428"
},
{
"name": "92694",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92694"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-5432",
"datePublished": "2016-10-03T18:00:00",
"dateReserved": "2016-06-10T00:00:00",
"dateUpdated": "2024-08-06T01:01:00.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3405
Vulnerability from cvelistv5
Published
2014-02-10 17:00
Modified
2024-08-06 20:05
Severity ?
EPSS score ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1200.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=833704 | x_refsource_CONFIRM | |
| https://sourceware.org/bugzilla/show_bug.cgi?id=13446 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201503-04 | vendor-advisory, x_refsource_GENTOO | |
| http://rhn.redhat.com/errata/RHSA-2012-1098.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.ubuntu.com/usn/USN-1589-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.openwall.com/lists/oss-security/2012/07/11/17 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833704"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13446"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers \"desynchronization within the buffer size handling,\" a different vulnerability than CVE-2012-3404."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833704"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13446"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3405",
"datePublished": "2014-02-10T17:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-0167
Vulnerability from cvelistv5
Published
2013-08-19 23:00
Modified
2024-08-06 14:18
Severity ?
EPSS score ?
Summary
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields."
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=893332 | x_refsource_CONFIRM | |
| https://rhn.redhat.com/errata/RHSA-2013-0907.html | vendor-advisory, x_refsource_REDHAT | |
| https://rhn.redhat.com/errata/RHSA-2013-0886.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:18:09.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=893332"
},
{
"name": "RHSA-2013:0907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2013-0907.html"
},
{
"name": "RHSA-2013:0886",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2013-0886.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via guestInfo dictionaries with \"unexpected fields.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-19T23:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=893332"
},
{
"name": "RHSA-2013:0907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2013-0907.html"
},
{
"name": "RHSA-2013:0886",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2013-0886.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-0167",
"datePublished": "2013-08-19T23:00:00Z",
"dateReserved": "2012-12-06T00:00:00Z",
"dateUpdated": "2024-08-06T14:18:09.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0429
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 00:45
Severity ?
EPSS score ?
Summary
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=568701 | x_refsource_CONFIRM | |
| https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
| https://rhn.redhat.com/errata/RHSA-2010-0633.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568701"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"name": "RHSA-2010:0633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0633.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-24T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568701"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"name": "RHSA-2010:0633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0633.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0429",
"datePublished": "2010-08-24T17:00:00Z",
"dateReserved": "2010-01-27T00:00:00Z",
"dateUpdated": "2024-08-07T00:45:12.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-5201
Vulnerability from cvelistv5
Published
2020-02-25 20:16
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1253882 | x_refsource_MISC | |
| https://rhn.redhat.com/errata/RHEA-2015-2527.html | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1273144 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/cve-2015-5201 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | RedHat | Enterprise Virtualization Hypervisor (aka RHEV-H) |
Version: 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:41:08.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253882"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHEA-2015-2527.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273144"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2015-5201"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Enterprise Virtualization Hypervisor (aka RHEV-H)",
"vendor": "RedHat",
"versions": [
{
"status": "affected",
"version": "7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0"
}
]
}
],
"datePublic": "2015-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-25T20:16:02",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253882"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://rhn.redhat.com/errata/RHEA-2015-2527.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273144"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/cve-2015-5201"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-5201",
"datePublished": "2020-02-25T20:16:02",
"dateReserved": "2015-07-01T00:00:00",
"dateUpdated": "2024-08-06T06:41:08.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3561
Vulnerability from cvelistv5
Published
2014-12-05 16:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/99096 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id/1031291 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2014-1947.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:50:17.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "rhevm-log-collector-info-disc(99096)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99096"
},
{
"name": "1031291",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031291"
},
{
"name": "RHSA-2014:1947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1947.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "rhevm-log-collector-info-disc(99096)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99096"
},
{
"name": "1031291",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031291"
},
{
"name": "RHSA-2014:1947",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1947.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3561",
"datePublished": "2014-12-05T16:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:50:17.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4282
Vulnerability from cvelistv5
Published
2013-11-02 19:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-1473.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html | vendor-advisory, x_refsource_SUSE | |
| http://rhn.redhat.com/errata/RHSA-2013-1474.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2014/dsa-2839 | vendor-advisory, x_refsource_DEBIAN | |
| http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2013-1460.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.ubuntu.com/usn/USN-2027-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securityfocus.com/bid/63408 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1473",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1473.html"
},
{
"name": "SUSE-SU-2015:0884",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html"
},
{
"name": "RHSA-2013:1474",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1474.html"
},
{
"name": "DSA-2839",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2839"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2"
},
{
"name": "RHSA-2013:1460",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
},
{
"name": "USN-2027-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2027-1"
},
{
"name": "63408",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:1473",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1473.html"
},
{
"name": "SUSE-SU-2015:0884",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html"
},
{
"name": "RHSA-2013:1474",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1474.html"
},
{
"name": "DSA-2839",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2839"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2"
},
{
"name": "RHSA-2013:1460",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
},
{
"name": "USN-2027-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2027-1"
},
{
"name": "63408",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63408"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4282",
"datePublished": "2013-11-02T19:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4443
Vulnerability from cvelistv5
Published
2016-12-14 18:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/92751 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036863 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2016-1929.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1335106 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.186Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92751",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92751"
},
{
"name": "1036863",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036863"
},
{
"name": "RHSA-2016:1929",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1929.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335106"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-14T17:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "92751",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92751"
},
{
"name": "1036863",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036863"
},
{
"name": "RHSA-2016:1929",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1929.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335106"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4443",
"datePublished": "2016-12-14T18:00:00",
"dateReserved": "2016-05-02T00:00:00",
"dateUpdated": "2024-08-06T00:32:25.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1591
Vulnerability from cvelistv5
Published
2013-01-31 23:00
Modified
2024-08-06 15:04
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.palemoon.org/releasenotes-ng.shtml | x_refsource_CONFIRM | |
| https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2013-0687.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=910149 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2013-0746.html | vendor-advisory, x_refsource_REDHAT | |
| http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f | x_refsource_MISC | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:116 | vendor-advisory, x_refsource_MANDRIVA | |
| https://support.f5.com/csp/article/K51392553 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.palemoon.org/releasenotes-ng.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077"
},
{
"name": "RHSA-2013:0687",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0687.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=910149"
},
{
"name": "RHSA-2013:0746",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0746.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f"
},
{
"name": "MDVSA-2013:116",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K51392553"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-22T12:06:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.palemoon.org/releasenotes-ng.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077"
},
{
"name": "RHSA-2013:0687",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0687.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=910149"
},
{
"name": "RHSA-2013:0746",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0746.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f"
},
{
"name": "MDVSA-2013:116",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K51392553"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.palemoon.org/releasenotes-ng.shtml",
"refsource": "CONFIRM",
"url": "http://www.palemoon.org/releasenotes-ng.shtml"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077"
},
{
"name": "RHSA-2013:0687",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0687.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=910149",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=910149"
},
{
"name": "RHSA-2013:0746",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0746.html"
},
{
"name": "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f",
"refsource": "MISC",
"url": "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f"
},
{
"name": "MDVSA-2013:116",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116"
},
{
"name": "https://support.f5.com/csp/article/K51392553",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K51392553"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1591",
"datePublished": "2013-01-31T23:00:00",
"dateReserved": "2013-01-31T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4280
Vulnerability from cvelistv5
Published
2019-11-04 18:50
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2013-4280 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/cve-2013-4280 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4280"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vdsm",
"vendor": "RedHat",
"versions": [
{
"status": "affected",
"version": "through 2013-07-24"
}
]
}
],
"datePublic": "2013-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insecure temporary file vulnerability in RedHat vsdm 4.9.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "/tmp file vulnerability issues",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T18:50:52",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4280"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4280",
"datePublished": "2019-11-04T18:50:52",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0179
Vulnerability from cvelistv5
Published
2014-08-03 18:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2014-0560.html | vendor-advisory, x_refsource_REDHAT | |
| http://libvirt.org/news.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/60895 | third-party-advisory, x_refsource_SECUNIA | |
| http://security.gentoo.org/glsa/glsa-201412-04.xml | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html | vendor-advisory, x_refsource_SUSE | |
| http://www.debian.org/security/2014/dsa-3038 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html | vendor-advisory, x_refsource_SUSE | |
| http://www.ubuntu.com/usn/USN-2366-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://security.libvirt.org/2014/0003.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:05:39.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0560",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://libvirt.org/news.html"
},
{
"name": "60895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60895"
},
{
"name": "GLSA-201412-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "openSUSE-SU-2014:0674",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"name": "DSA-3038",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3038"
},
{
"name": "openSUSE-SU-2014:0650",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"name": "USN-2366-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2366-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.libvirt.org/2014/0003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-12T13:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2014:0560",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://libvirt.org/news.html"
},
{
"name": "60895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60895"
},
{
"name": "GLSA-201412-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "openSUSE-SU-2014:0674",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"name": "DSA-3038",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3038"
},
{
"name": "openSUSE-SU-2014:0650",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"name": "USN-2366-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2366-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.libvirt.org/2014/0003.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0179",
"datePublished": "2014-08-03T18:00:00",
"dateReserved": "2013-12-03T00:00:00",
"dateUpdated": "2024-08-06T09:05:39.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2784
Vulnerability from cvelistv5
Published
2010-08-24 17:00
Modified
2024-08-07 02:46
Severity ?
EPSS score ?
Summary
The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://rhn.redhat.com/errata/RHSA-2010-0627.html | vendor-advisory, x_refsource_REDHAT | |
| https://rhn.redhat.com/errata/RHSA-2010-0622.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=619411 | x_refsource_CONFIRM | |
| http://www.spinics.net/lists/kvm/msg39173.html | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2010:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=619411"
},
{
"name": "[kvm] 20100728 [PATCH 1/2] Fix segfault in mmio subpage handling code",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.spinics.net/lists/kvm/msg39173.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-24T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2010:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
},
{
"name": "RHSA-2010:0622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=619411"
},
{
"name": "[kvm] 20100728 [PATCH 1/2] Fix segfault in mmio subpage handling code",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.spinics.net/lists/kvm/msg39173.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2784",
"datePublished": "2010-08-24T17:00:00Z",
"dateReserved": "2010-07-22T00:00:00Z",
"dateUpdated": "2024-08-07T02:46:48.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3559
Vulnerability from cvelistv5
Published
2014-08-06 19:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1030664 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/95098 | vdb-entry, x_refsource_XF | |
| http://rhn.redhat.com/errata/RHSA-2014-1002.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1121925 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:50:17.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030664"
},
{
"name": "virtualizationmanager-cve20143559-info-disc(95098)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098"
},
{
"name": "RHSA-2014:1002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121925"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM\u0027s disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM\u0027s memory and obtain sensitive information via an uninitialized storage volume."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1030664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030664"
},
{
"name": "virtualizationmanager-cve20143559-info-disc(95098)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098"
},
{
"name": "RHSA-2014:1002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121925"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3559",
"datePublished": "2014-08-06T19:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:50:17.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1074
Vulnerability from cvelistv5
Published
2018-04-26 17:00
Modified
2024-08-05 03:51
Severity ?
EPSS score ?
Summary
ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHBA-2018:1219 | vendor-advisory, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | ovirt-engine |
Version: ovirt-engine 4.2.2.5 Version: ovirt-engine 4.1.11.2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:48.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074"
},
{
"name": "RHBA-2018:1219",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2018:1219"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ovirt-engine",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "ovirt-engine 4.2.2.5"
},
{
"status": "affected",
"version": " ovirt-engine 4.1.11.2"
}
]
}
],
"datePublic": "2018-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-27T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074"
},
{
"name": "RHBA-2018:1219",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2018:1219"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-1074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ovirt-engine",
"version": {
"version_data": [
{
"version_value": "ovirt-engine 4.2.2.5"
},
{
"version_value": " ovirt-engine 4.1.11.2"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.7/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074"
},
{
"name": "RHBA-2018:1219",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2018:1219"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-1074",
"datePublished": "2018-04-26T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T03:51:48.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-04-20 17:59
Modified
2024-11-21 02:55
Severity ?
Summary
ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/92666 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:3427 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1369285 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92666 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3427 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1369285 | Exploit, Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12544770-1AF9-4DD3-BC72-579DA0BC0F3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries."
},
{
"lang": "es",
"value": "ovirt-engine-webadmin, como se utiliza en Red Hat Enterprise Virtualization Manager (tambi\u00e9n conocido como RHEV-M) para Servers y RHEV-M 4.0, permite a los atacantes f\u00edsicamente pr\u00f3ximos eludir una restricci\u00f3n de tiempo de espera de la sesi\u00f3n webadmin a trav\u00e9s de vectores relacionados con las selecciones de interfaz de usuario, que desencadenan las consultas repetidas."
}
],
"id": "CVE-2016-6338",
"lastModified": "2024-11-21T02:55:55.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-20T17:59:00.960",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92666"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:3427"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:3427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369285"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-03 18:55
Modified
2024-11-21 02:01
Severity ?
Summary
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DCDC5B5-1DD4-4FF4-8AB4-D38F5418B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0054B43A-F844-47C8-B03A-01696117B7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C78A50-0F41-405C-9ABA-EE088D0ABE60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8322F4E2-0AD0-497B-871E-233C0E0F1490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E41CEF32-4998-41D5-B971-12E7F4E39FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E43FD74C-5986-4E9E-9C4F-9891133084A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8D504B27-7BD0-4CB1-B8CA-76B7C537A4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD9B43-52BA-4FF9-84A1-369B1A96A166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "10EE76EF-44D3-4645-B1E7-5BCFB4CB4204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "934215BC-33D1-453F-B49B-23B52E580214",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F274792B-F190-4A23-A551-6B07EA4028B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D67FBC-4009-4FC1-B0CF-AA3C1505C2F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2059834-5A26-4DB9-B400-DBBE15690AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F6277D-6732-44BA-91B4-D57877E011BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2553A171-A830-4540-8CC6-51275F72AAEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61C2C484-7AAB-475C-A44E-6D9DCF597DD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "04A75CCF-28E1-44CC-962C-C56A4F64B370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E8A1AF-740A-454C-8019-B52654589603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F040825C-C457-40A1-A04C-F362289E13F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E04748DC-4F9F-4BC2-A3D7-EAC3B73C5A8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F45083-97C6-466F-9D67-057DDD08CFD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F906DC41-4724-4F81-9402-4EA3BC3F38A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3327FB7D-92DB-479F-BF1C-2565C8F1B25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "48F55C0A-3E6E-4E24-81D7-F023728E486A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB7C00E-DF4E-40AF-A503-202A2FE03D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB4E8A8-2B6C-4287-937B-C67A97EAB67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "53C3F149-D917-4BB6-B264-F316DD96D2B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10857CB9-D8B1-4EB4-8D93-E0DCC05F0C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "153AE3B9-F951-4AE5-9456-934E15445054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE87D15-DA60-4F89-BCFD-9CAB68111D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD8C1F3-5920-4684-BD05-6FA88EDAB64F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "60C81865-E1DB-40DA-9BB7-CE32C9EC4561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C1DC7BA8-ED6D-42C2-87EC-42F85CD276C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD99520-DF9D-4012-ADDB-14468FDEFB6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "780A2EC8-5D4B-40B0-9A5A-EDC020554D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "78C18997-7086-4BB0-8490-EDB5394951F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "37F280ED-37E3-4AB5-9BF1-AC935D904503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC1F6BC-AB75-45F7-B846-D8900A0C690A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97F5B122-AE6D-479F-BC46-66E3F729A7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C433B92-DE77-4B44-BE9D-98449FC7BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28132532-C0C7-4EAE-ADAE-3ADA58AE2EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA73633-136A-422F-AF77-2C29224C6981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6310759E-ADFB-4DF4-8D10-4DDC42D29AE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2B1536-6671-4508-BC7D-6F11408B3CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7D7BAB-A2EC-4DD9-A7B8-D5806CD5F306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "94E85C10-0192-46B4-828D-52BAE6A6F69C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "52AF89AC-A906-479F-85AA-E9D47A83778F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:0.10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D60D834F-926B-416B-AB66-FCD7981DDCF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E13A6AAE-BC1B-4CE1-B747-84F9C6B3FF73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDA1805-ED8A-44AA-96FF-E676D278CCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD82EEA-279F-42CA-8F4C-A4D57EEBAB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "320C2182-DBCF-4564-940A-D12673C73543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EB635DBE-29F1-4055-A064-42539FC811C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "67B77F63-C9AC-42D4-B9E2-4BBE196AC254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3256288E-5A49-4DCD-AE30-6B4E21AEF970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25E764AE-3B7C-4378-97C5-10E835511684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49FEFFA5-371E-4B1D-AAAE-C71AEB79A4AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F982F65C-CBF9-4EE6-8FD6-C965141E42C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F4BF8152-79A4-48C6-88EB-9D3FA7466844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E4DCDE-4D85-4339-99CB-70A464FA2EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E03AF346-6F4E-4BEA-B29E-9C9C04148843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54FAE380-0E7E-4468-A07B-5A9A3504F681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB4B1021-4D01-4D86-AED4-0418F8839FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "380686BB-7212-4285-BA00-B8EEAC6E1CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A331072-326A-4E72-84E2-E0424E6DDE30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1666DD-AC49-477A-921C-8197F5EFECA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "527B9236-CA4E-42A8-8C7A-2FB92BE2B4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9572AC-1D6D-4AA1-AEF0-CB9143F38215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6B6D6F-6CD3-43C3-B1EC-18DEC89DFDA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF21D58D-6952-4C72-94C3-32421499AFCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "83403472-4883-4914-846A-3C3E912C5573",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods."
},
{
"lang": "es",
"value": "libvirt 0.7.5 hasta 1.2.x anterior a 1.2.5 permite a usuarios locales causar una denegaci\u00f3n de servicio (bloqueo de lectura y cuelgue) a trav\u00e9s de un documento XML manipulado que contiene una declaraci\u00f3n de entidad externa XML en conjunto con una referencia de entidad en el m\u00e9todo (1) virConnectCompareCPU o (2) virConnectBaselineCPU API, relacionado con un problema de entidad externa XML (XXE). NOTA: este problema fue dividido (SPLIT) por ADT3 debido a las diferentes versiones afectadas de algunos vectores. CVE-2014-5177 se utiliza para otros m\u00e9todos API."
}
],
"id": "CVE-2014-0179",
"lastModified": "2024-11-21T02:01:34.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-03T18:55:05.630",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://libvirt.org/news.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60895"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.libvirt.org/2014/0003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2014/dsa-3038"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2366-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://libvirt.org/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.libvirt.org/2014/0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2366-1"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-28 21:55
Modified
2024-11-21 01:51
Severity ?
Summary
Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-1122.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1122.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.0 | |
| redhat | enterprise_virtualization | 3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application."
},
{
"lang": "es",
"value": "Vulnerabilidad de b\u00fasqueda de ruta sin entrecomillar en Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) en el paquete hev-guest-tools-iso 3.2, permite a usuarios locales elevar sus privilegios a trav\u00e9s de una aplicaci\u00f3n del tipo \"troyano\"."
}
],
"id": "CVE-2013-2176",
"lastModified": "2024-11-21T01:51:11.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-28T21:55:08.473",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1122.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1122.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-11 14:55
Modified
2024-11-21 02:08
Severity ?
Summary
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA49BAA-D188-4F05-9AE8-E5A736EE1267",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue."
},
{
"lang": "es",
"value": "REST API en ovirt-engine en oVirt, utilizado en Red Hat Enterprise Virtualization (rhevm) 3.4, permite a usuarios remotos autenticados leer ficheros arbitrarios y tener otro impacto no especificado a trav\u00e9s de vectores desconocidos, relacionado con un problema de entidad externa XML External Entity (XXE)."
}
],
"id": "CVE-2014-3485",
"lastModified": "2024-11-21T02:08:12.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-11T14:55:03.680",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0814.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1030501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0814.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030501"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-03 18:55
Modified
2024-11-21 02:11
Severity ?
Summary
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.0 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | libvirt | 1.0.0 | |
| redhat | libvirt | 1.0.1 | |
| redhat | libvirt | 1.0.2 | |
| redhat | libvirt | 1.0.3 | |
| redhat | libvirt | 1.0.4 | |
| redhat | libvirt | 1.0.5 | |
| redhat | libvirt | 1.0.5.1 | |
| redhat | libvirt | 1.0.5.2 | |
| redhat | libvirt | 1.0.5.3 | |
| redhat | libvirt | 1.0.5.4 | |
| redhat | libvirt | 1.0.5.5 | |
| redhat | libvirt | 1.0.5.6 | |
| redhat | libvirt | 1.0.6 | |
| redhat | libvirt | 1.1.0 | |
| redhat | libvirt | 1.1.1 | |
| redhat | libvirt | 1.1.2 | |
| redhat | libvirt | 1.1.3 | |
| redhat | libvirt | 1.1.4 | |
| redhat | libvirt | 1.2.0 | |
| redhat | libvirt | 1.2.1 | |
| redhat | libvirt | 1.2.2 | |
| redhat | libvirt | 1.2.3 | |
| redhat | libvirt | 1.2.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E13A6AAE-BC1B-4CE1-B747-84F9C6B3FF73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDA1805-ED8A-44AA-96FF-E676D278CCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD82EEA-279F-42CA-8F4C-A4D57EEBAB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "320C2182-DBCF-4564-940A-D12673C73543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EB635DBE-29F1-4055-A064-42539FC811C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "67B77F63-C9AC-42D4-B9E2-4BBE196AC254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3256288E-5A49-4DCD-AE30-6B4E21AEF970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25E764AE-3B7C-4378-97C5-10E835511684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49FEFFA5-371E-4B1D-AAAE-C71AEB79A4AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F982F65C-CBF9-4EE6-8FD6-C965141E42C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F4BF8152-79A4-48C6-88EB-9D3FA7466844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E4DCDE-4D85-4339-99CB-70A464FA2EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E03AF346-6F4E-4BEA-B29E-9C9C04148843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54FAE380-0E7E-4468-A07B-5A9A3504F681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB4B1021-4D01-4D86-AED4-0418F8839FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "380686BB-7212-4285-BA00-B8EEAC6E1CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A331072-326A-4E72-84E2-E0424E6DDE30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1666DD-AC49-477A-921C-8197F5EFECA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "527B9236-CA4E-42A8-8C7A-2FB92BE2B4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9572AC-1D6D-4AA1-AEF0-CB9143F38215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6B6D6F-6CD3-43C3-B1EC-18DEC89DFDA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF21D58D-6952-4C72-94C3-32421499AFCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:libvirt:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "83403472-4883-4914-846A-3C3E912C5573",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors."
},
{
"lang": "es",
"value": "libvirt 1.0.0 hasta 1.2.x anterior a 1.2.5, cuando el control de acceso detallado est\u00e1 habilitado, permite a usuarios locales leer ficheros arbitrarios a trav\u00e9s de un documento XML manipulado que contiene una declaraci\u00f3n de entidad externa XML en conjunto con una referencia de entidad en el m\u00e9todo API (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU o (19) virConnectBaselineCPU, relacionado con un problema de entidad externa XML (XXE). NOTA: este problema ha sido dividido (SPLIT) del CVE-2014-0179 por ADT3 debido a las diferentes versiones afectadas de algunos vectores."
}
],
"id": "CVE-2014-5177",
"lastModified": "2024-11-21T02:11:33.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-03T18:55:05.693",
"references": [
{
"source": "cve@mitre.org",
"url": "http://libvirt.org/news.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/60895"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.libvirt.org/2014/0003.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2366-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://libvirt.org/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.libvirt.org/2014/0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2366-1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-21 18:55
Modified
2024-11-21 01:51
Severity ?
Summary
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder."
},
{
"lang": "es",
"value": "Vulnerabilidad de ruta de b\u00fasqueda en Windows sin comillas en el servicio SPICE, tal como se usa en Red Hat Enterprise Virtualization (RHEV) 3.2, permite a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada en una carpeta sin especificar."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\n\n\"CWE-426: Untrusted Search Path\"",
"id": "CVE-2013-2152",
"lastModified": "2024-11-21T01:51:08.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-21T18:55:09.477",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0924.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0925.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/60475"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=971172"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0924.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0925.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/60475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=971172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84866"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:12
Severity ?
Summary
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 2.2 | |
| redhat | qspice | 0.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:qspice:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EF5AC4-D35B-4E47-B720-C4B24F4BF9FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "libspice, tal y como se utiliza en QEMU-KVM en el Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y qspice v0.3.0, no restringe adecuadamanete las direcciones sobre las que las acciones de gestion de memoria son llevadas a cabo, lo que permite causar, a los usuarios del sistema operativo Huesped, una denegaci\u00f3n de servicio (caida del sistema operativo Huesped) o posiblemente obtener privilegios mediante vectores no especificados."
}
],
"id": "CVE-2010-0429",
"lastModified": "2024-11-21T01:12:11.983",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-24T18:00:23.190",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568701"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0633.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-19 23:55
Modified
2024-11-21 01:46
Severity ?
Summary
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.0 | |
| redhat | enterprise_virtualization | 3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via guestInfo dictionaries with \"unexpected fields.\""
},
{
"lang": "es",
"value": "VDSM en Red Hat Enterprise Virtualization 3 y 3.2, permite a usuarios invitados con privilegios provocar que la maquina anfitriona \"no est\u00e9 disponible para el servidor de gesti\u00f3n\" a trav\u00e9s de diccionarios \"guestInfo\" con \"campos inesperados\"."
}
],
"id": "CVE-2013-0167",
"lastModified": "2024-11-21T01:46:58.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-19T23:55:08.197",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=893332"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2013-0886.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2013-0907.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=893332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2013-0886.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2013-0907.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-26 17:29
Modified
2024-11-21 03:59
Severity ?
7.7 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHBA-2018:1219 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2018:1219 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ovirt | ovirt | * | |
| redhat | enterprise_virtualization | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ovirt:ovirt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0476809C-082C-4850-B174-BB8614B2C9D4",
"versionEndIncluding": "4.1.11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12544770-1AF9-4DD3-BC72-579DA0BC0F3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control."
},
{
"lang": "es",
"value": "La API y el portal de administraci\u00f3n web de ovirt-engine en versiones anteriores a la 4.2.2.5 y la 4.1.11.2 es vulnerable a una exposici\u00f3n de credenciales de Power Management, incluyendo contrase\u00f1as en texto claro para Host Administrators. Un Host Administrator podr\u00eda utilizar este fallo para obtener acceso a los sistemas de gesti\u00f3n de energ\u00eda de los hosts que controlan."
}
],
"id": "CVE-2018-1074",
"lastModified": "2024-11-21T03:59:07.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-26T17:29:00.510",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2018:1219"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2018:1219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1074"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:12
Severity ?
Summary
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=568699 | Vendor Advisory | |
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0622.html | Patch, Vendor Advisory | |
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0633.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=568699 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0622.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0633.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 2.2 | |
| redhat | qspice | 0.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:qspice:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EF5AC4-D35B-4E47-B720-C4B24F4BF9FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "libspice, tal y como se utiliza en QEMU-KVM en el Hypervisor (alias rhev-hipervisor) de Red Hat Enterprise Virtualization (RHEV) v2.2 y qspice v0.3.0, no valida correctamente los punteros a controladores QXL, lo que permite causar, a los usuarios de los sistemas operativos Huesped, una denegaci\u00f3n de servicio (uso de puntero no v\u00e1lido y la ca\u00edda del sistema operativo hu\u00e9sped) o posiblemente ganar privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2010-0428",
"lastModified": "2024-11-21T01:12:11.887",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-24T18:00:01.537",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568699"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0633.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-10 18:15
Modified
2024-11-21 01:40
Severity ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.14 | |
| redhat | enterprise_virtualization | 3.0 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| redhat | enterprise_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "D6DFE2D3-46E2-4D0C-8508-30307D654560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers \"desynchronization within the buffer size handling,\" a different vulnerability than CVE-2012-3404."
},
{
"lang": "es",
"value": "La funci\u00f3n vfprintf en stdio-common/vfprintf.c en libc en GNU C Library (tambi\u00e9n conocido como glibc) 2.14 y otras versiones no calcula correctamente una longitud de buffer, lo que permite a atacantes dependientes de contexto evadir el mecanismo de protecci\u00f3n de cadenas de formato FORTIFY_SOURCE y causar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n y ca\u00edda) a trav\u00e9s de una cadena de formato con un gran n\u00famero de especificadores de formato que provoca \"desincronizaci\u00f3n dentro del manejo del tama\u00f1o de buffer,\" una vulnerabilidad deferente a CVE-2012-3404."
}
],
"id": "CVE-2012-3405",
"lastModified": "2024-11-21T01:40:48.247",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-10T18:15:10.073",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833704"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13446"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-22 18:29
Modified
2024-11-21 02:55
Severity ?
Summary
oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/92345 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1363738 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92345 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1363738 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1785CCC1-4561-4B63-BB4E-BB648CA952A9",
"versionEndIncluding": "3.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0."
},
{
"lang": "es",
"value": "oVirt Engine divulga ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD en un archivo /var/log/ovirt-engine/engine.log en RHEV en versiones anteriores a la 4.0."
}
],
"id": "CVE-2016-6310",
"lastModified": "2024-11-21T02:55:52.750",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-22T18:29:00.373",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92345"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1363738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1363738"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-06 19:55
Modified
2024-11-21 02:08
Severity ?
Summary
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA49BAA-D188-4F05-9AE8-E5A736EE1267",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM\u0027s disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM\u0027s memory and obtain sensitive information via an uninitialized storage volume."
},
{
"lang": "es",
"value": "El backend de almacenaje oVirt en Red Hat Enterprise Virtualization 3.4 no borra instant\u00e1neas de la memoria cuando elimina una VM, incluso cuando borrar despu\u00e9s de eliminar (wipe-after-delete o WAD) est\u00e1 configurado para el disco de la VM, lo que permite a usuarios remotos autenticados con ciertas credenciales leer porciones de la memoria eliminada de la VM y obtener informaci\u00f3n sensible a trav\u00e9s de un volumen de almacenaje no inicializado."
}
],
"id": "CVE-2014-3559",
"lastModified": "2024-11-21T02:08:22.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-06T19:55:03.727",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1030664"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121925"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-26 01:29
Modified
2024-11-21 02:18
Severity ?
Summary
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary commands via a ; (semicolon) in an input string.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ovirt | ovirt-node | 3.0.0-474-gb852fd7 | |
| redhat | enterprise_virtualization | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ovirt:ovirt-node:3.0.0-474-gb852fd7:*:*:*:*:*:*:*",
"matchCriteriaId": "387E2048-91CC-4384-8572-5FB948B9BAD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary commands via a ; (semicolon) in an input string."
},
{
"lang": "es",
"value": "ovirt_safe_delete_config en ovirtfunctions.py y otras localizaciones sin especificar en ovirt-node 3.0.0-474-gb852fd7 tal y como se incluye en Red Hat Enterprise Virtualization 3 no emplea comillas correctamente en las cadenas de entrada, lo que permite que los usuarios autenticados y atacantes cercanos f\u00edsicamente puedan ejecutar comandos arbitrarios mediante un \";\" (punto y coma) en una cadena de ayuda."
}
],
"id": "CVE-2014-8170",
"lastModified": "2024-11-21T02:18:42.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-26T01:29:00.320",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194745"
},
{
"source": "secalert@redhat.com",
"url": "https://gerrit.ovirt.org/gitweb?p=ovirt-node.git%3Ba=blob%3Bf=src/ovirtnode/ovirtfunctions.py%3Bh=caef7ef019ca12b49aa3c030792538956fb4caad%3Bhb=e11e02cd9256c854dd0419515097637d6829b4f1#l1091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://gerrit.ovirt.org/gitweb?p=ovirt-node.git%3Ba=blob%3Bf=src/ovirtnode/ovirtfunctions.py%3Bh=caef7ef019ca12b49aa3c030792538956fb4caad%3Bhb=e11e02cd9256c854dd0419515097637d6829b4f1#l1091"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-25 21:15
Modified
2024-11-21 02:32
Severity ?
Summary
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2015-5201 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1253882 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1273144 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://rhn.redhat.com/errata/RHEA-2015-2527.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2015-5201 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1253882 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1273144 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHEA-2015-2527.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | * | |
| redhat | enterprise_virtualization_hypervisor | * | |
| redhat | enterprise_virtualization_hypervisor | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E448B3E1-42A5-48E3-9F6E-A5C4FAC7C3C2",
"versionEndExcluding": "3.5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization_hypervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE31D534-0B91-48EA-BEFB-4C23BB7FA348",
"versionEndExcluding": "6-6.7-20151117.0",
"versionStartIncluding": "6-6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization_hypervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAA94DE-A71F-4FFA-8DE8-453B249D3F19",
"versionEndExcluding": "7-7.2-20151119.0",
"versionStartIncluding": "7-7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors."
},
{
"lang": "es",
"value": "VDSM y libvirt en Red Hat Enterprise Virtualization Hypervisor (tambi\u00e9n se conoce como RHEV-H) versiones 7-7.x anteriores a 7-7.2-20151119.0 y versiones 6-6.x anteriores a 6-6.7-20151117.0, como es paquetizado en Red Hat Enterprise Virtualization versiones anteriores a 3.5.6, cuando VSDM se ejecuta con -spice disable-ticketing y una VM es suspendida y luego restaurada, permite a atacantes remotos iniciar sesi\u00f3n sin autenticaci\u00f3n por medio de vectores no especificados."
}
],
"id": "CVE-2015-5201",
"lastModified": "2024-11-21T02:32:32.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-25T21:15:10.750",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2015-5201"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253882"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273144"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHEA-2015-2527.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2015-5201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHEA-2015-2527.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-27 18:29
Modified
2024-11-21 03:23
Severity ?
6.8 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Summary
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2017-0257.html | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2017-0257.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12544770-1AF9-4DD3-BC72-579DA0BC0F3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts."
},
{
"lang": "es",
"value": "Cuando se actualiza una contrase\u00f1a en la base de datos rhvm, las herramientas de ovirt-aaaa-jdbc-tool en versiones anteriores a la 1.1.3 no verifican correctamente si la contrase\u00f1a actual ha caducado. Esto permitir\u00eda el acceso a un atacante con acceso para cambiar la contrase\u00f1a en cuentas con contrase\u00f1as caducadas, obteniendo acceso a esas cuentas."
}
],
"id": "CVE-2017-2614",
"lastModified": "2024-11-21T03:23:50.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 3.7,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 3.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-27T18:29:00.687",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0257.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0257.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2614"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-640"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 01:29
Modified
2024-11-21 03:59
Severity ?
5.0 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/104186 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:1452 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104186 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1452 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ovirt | ovirt-ansible-roles | * | |
| redhat | enterprise_virtualization | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ovirt:ovirt-ansible-roles:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5372E6-6BF7-46A4-A649-94DFEB390B02",
"versionEndExcluding": "1.0.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_virtualization:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02A9AA55-B4CC-4606-A23E-BD7C0E6B78B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the \u0027Add oVirt Provider to ManageIQ/CloudForms\u0027 playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation."
},
{
"lang": "es",
"value": "ovirt-ansible-roles en versiones anteriores a la 1.0.6 tiene una vulnerabilidad debido a la falta de la directiva no_log, lo que resulta en que el procedimiento \"Add oVirt Provider to ManageIQ/CloudForms\" revela accidentalmente contrase\u00f1as de administrador en el registro de aprovisionamiento. En un entorno en el que se comparten registros con otras partes, esto podr\u00eda conducir a un escalado de privilegios."
}
],
"id": "CVE-2018-1117",
"lastModified": "2024-11-21T03:59:13.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T01:29:02.243",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104186"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1452"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-16 19:14
Modified
2024-11-21 01:55
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.0 | |
| redhat | enterprise_virtualization | 3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad XSS en la funci\u00f3n addAlert en RedirectServlet servlet en oVirt Engine y Red Hat Enterprise Virtualization Manager (RHEV-M), utilizado en Red Hat Enterprise Virtualization 3 y 3.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-4181",
"lastModified": "2024-11-21T01:55:04.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-16T19:14:38.817",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1210.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1210.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988774"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-05 16:59
Modified
2024-11-21 02:08
Severity ?
Summary
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA49BAA-D188-4F05-9AE8-E5A736EE1267",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes."
},
{
"lang": "es",
"value": "El paquete rhevm-log-collector en Red Hat Enterprise Virtualization 3.4 utiliza la contrase\u00f1a de la base de datos PostgreSQL en la l\u00ednea de comandos cuando llama a sosreport, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante el listado de los procesos."
}
],
"id": "CVE-2014-3561",
"lastModified": "2024-11-21T02:08:22.497",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-05T16:59:02.970",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1947.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1031291"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1947.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99096"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-12-14 18:59
Modified
2024-11-21 02:52
Severity ?
Summary
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-1929.html | Mitigation, Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/92751 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1036863 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1335106 | Issue Tracking, VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1929.html | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92751 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036863 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1335106 | Issue Tracking, VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5611A87C-7A9C-4F81-9162-F06FD23709FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file."
},
{
"lang": "es",
"value": "Red Hat Enterprise Virtualization (RHEV) Manager 3.6 permite a usuarios locales obtener claves de encriptaci\u00f3n, certificados y otra informaci\u00f3n sensible mediante la lectura del archivo de inicio de sesi\u00f3n engine-setup."
}
],
"id": "CVE-2016-4443",
"lastModified": "2024-11-21T02:52:12.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-12-14T18:59:01.403",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1929.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92751"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036863"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"VDB Entry",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1929.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"VDB Entry",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335106"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 16:29
Modified
2024-11-21 03:59
Severity ?
7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 26 | |
| fedoraproject | fedora | 27 | |
| fedoraproject | fedora | 28 | |
| redhat | enterprise_virtualization | 4.0 | |
| redhat | enterprise_virtualization | 4.2 | |
| redhat | enterprise_virtualization_host | 4.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 6.4 | |
| redhat | enterprise_linux | 6.5 | |
| redhat | enterprise_linux | 6.6 | |
| redhat | enterprise_linux | 6.7 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 7.2 | |
| redhat | enterprise_linux | 7.3 | |
| redhat | enterprise_linux | 7.4 | |
| redhat | enterprise_linux | 7.5 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4D8269-B407-4C24-AAB0-02F885C7D752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*",
"matchCriteriaId": "DBEACBFF-6D05-4B69-BF7A-F7E539D9BF6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12544770-1AF9-4DD3-BC72-579DA0BC0F3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76DA389E-C042-47E1-989C-0882E12DF35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization_host:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8286AD-7632-46C4-AD1E-653CABC4B95B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "905EC4D0-7604-476A-8176-9FFCEB1DC6B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "564DCCFD-77BF-4FB1-A0A0-96104B154282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "467A831E-C63B-476F-A71F-8FB52556BC45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4DC974-235F-4655-966F-2490A4C4E490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B99A2411-7F6A-457F-A7BF-EB13C630F902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB48767-F095-444F-9E05-D9AC345AB803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol."
},
{
"lang": "es",
"value": "Los paquetes DHCP en Red Hat Enterprise Linux 6 y 7, Fedora 28 y anteriores son vulnerables a un error de inyecci\u00f3n de comandos en el script de integraci\u00f3n NetworkManager incluido en el cliente DHCP. Un servidor DHCP malicioso o un atacante en la red ocal capaz de suplantar respuestas DHCP podr\u00eda emplear este error para ejecutar comandos arbitrarios con privilegios root en sistemas que emplean NetworkManager y se configuran para obtener la configuraci\u00f3n de red mediante el protocolo de configuraci\u00f3n din\u00e1mica de host (DHCP)."
}
],
"id": "CVE-2018-1111",
"lastModified": "2024-11-21T03:59:12.207",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T16:29:00.217",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104195"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040912"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1453"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1454"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1455"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1456"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1457"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1458"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1459"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1460"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1461"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1524"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/3442151"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111"
},
{
"source": "secalert@redhat.com",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44652/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44890/"
},
{
"source": "secalert@redhat.com",
"url": "https://www.tenable.com/security/tns-2018-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/3442151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44652/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44890/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/tns-2018-10"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-02 19:55
Modified
2024-11-21 01:55
Severity ?
Summary
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| spice_project | spice | 0.12.0 | |
| redhat | enterprise_virtualization | 3.0 | |
| redhat | enterprise_linux | 5 | |
| redhat | enterprise_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:spice_project:spice:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "937428E5-EE31-4BBF-9774-EFB9866B58D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer de pila en la funci\u00f3n reds_handle_ticket en server/reds.c en SPICE 0.12.0 que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una contrase\u00f1a larga en un ticket de SPICE."
}
],
"id": "CVE-2013-4282",
"lastModified": "2024-11-21T01:55:16.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-02T19:55:04.633",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1473.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1474.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2014/dsa-2839"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/63408"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2027-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1473.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1474.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2027-1"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-19 23:55
Modified
2024-11-21 01:55
Severity ?
Summary
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.0 | |
| redhat | enterprise_virtualization | 3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167."
},
{
"lang": "es",
"value": "VDSM en Red Hat Enterprise Virtualization 3 y 3.2, permite a a usuarios con provilegios en la m\u00e1quina \"invitada\" provocar que el host no \"est\u00e9 disponible para el servidor de gesti\u00f3n\" a trav\u00e9s de car\u00e1cteres XML no v\u00e1lidos en una respuesta. NOTA: esta cuesti\u00f3n es debido a una soluci\u00f3n incompleta del CVE-2013-0167."
}
],
"id": "CVE-2013-4236",
"lastModified": "2024-11-21T01:55:11.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-19T23:55:08.930",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1155.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=996166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1155.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=996166"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-04 19:15
Modified
2024-11-21 01:55
Severity ?
Summary
Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2013-4280 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280 | Exploit, Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2013-4280 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2013-4280 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2013-4280 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | virtual_desktop_server_manager | 4.9.6 | |
| redhat | enterprise_virtualization | 3.0 | |
| redhat | storage | 2.0 | |
| redhat | storage | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtual_desktop_server_manager:4.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F21C36C5-57E9-4E70-9528-C18EE12EC237",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52B90A04-DD6D-4AE7-A0E5-6B381127D507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53C986BD-2D1F-4865-B16D-72FD875E3776",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure temporary file vulnerability in RedHat vsdm 4.9.6."
},
{
"lang": "es",
"value": "Vulnerabilidad de archivo temporal no seguro en RedHat vsdm versi\u00f3n 4.9.6."
}
],
"id": "CVE-2013-4280",
"lastModified": "2024-11-21T01:55:16.137",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-04T19:15:10.303",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4280"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4280"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-13 18:59
Modified
2024-11-21 02:29
Severity ?
Summary
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| redhat | enterprise_virtualization | 3.0 | |
| redhat | openstack | 4.0 | |
| redhat | openstack | 5.0 | |
| redhat | openstack | 6.0 | |
| redhat | openstack | 7.0 | |
| redhat | enterprise_linux | 5 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| xen | xen | 4.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF17A18-4BE8-41B7-B50C-F4A137B3B2F1",
"versionEndIncluding": "2.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1802FDB8-C919-4D5E-A8AD-4C5B72525090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B152EDF3-3140-4343-802F-F4F1C329F5C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90CCECD0-C0F9-45A8-8699-64428637EBCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM."
},
{
"lang": "es",
"value": "Floppy Disk Controller (FDC) en QEMU, utilizado en Xen 4.5.x y anteriores y KVM, permite a usuarios locales invitados causar una denegaci\u00f3n de servicio (escritura fuera de rango y ca\u00edda del invitado) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, u otros comandos sin especificar, tambi\u00e9n conocido como VENOM."
}
],
"evaluatorComment": "Though the VENOM vulnerability is also agnostic of the guest operating system, an attacker (or an attacker\u2019s malware) would need to have administrative or root privileges in the guest operating system in order to exploit VENOM",
"id": "CVE-2015-3456",
"lastModified": "2024-11-21T02:29:27.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-13T18:59:00.157",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795fedee2e824c"
},
{
"source": "cve@mitre.org",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10693"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=143387998230996\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0998.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0999.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1000.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1001.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1002.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1003.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1004.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1011.html"
},
{
"source": "cve@mitre.org",
"url": "http://support.citrix.com/article/CTX201078"
},
{
"source": "cve@mitre.org",
"url": "http://venom.crowdstrike.com/"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3259"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3262"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3274"
},
{
"source": "cve@mitre.org",
"url": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74640"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032306"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032311"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032917"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2608-1"
},
{
"source": "cve@mitre.org",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm"
},
{
"source": "cve@mitre.org",
"url": "http://xenbits.xen.org/xsa/advisory-133.html"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/articles/1444903"
},
{
"source": "cve@mitre.org",
"url": "https://bto.bluecoat.com/security-advisory/sa95"
},
{
"source": "cve@mitre.org",
"url": "https://kb.juniper.net/JSA10783"
},
{
"source": "cve@mitre.org",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10118"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201602-01"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-27"
},
{
"source": "cve@mitre.org",
"url": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/"
},
{
"source": "cve@mitre.org",
"url": "https://support.lenovo.com/us/en/product_security/venom"
},
{
"source": "cve@mitre.org",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/37053/"
},
{
"source": "cve@mitre.org",
"url": "https://www.suse.com/security/cve/CVE-2015-3456.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795fedee2e824c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=143387998230996\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0998.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0999.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.citrix.com/article/CTX201078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://venom.crowdstrike.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2608-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://xenbits.xen.org/xsa/advisory-133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/articles/1444903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bto.bluecoat.com/security-advisory/sa95"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kb.juniper.net/JSA10783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201602-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-27"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.lenovo.com/us/en/product_security/venom"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/37053/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.suse.com/security/cve/CVE-2015-3456.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-10 18:15
Modified
2024-11-21 01:40
Severity ?
Summary
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.12 | |
| redhat | enterprise_virtualization | 3.0 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| redhat | enterprise_linux | 5 | |
| redhat | enterprise_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "D6DFE2D3-46E2-4D0C-8508-30307D654560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not \"properly restrict the use of\" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405."
},
{
"lang": "es",
"value": "La funci\u00f3n vfprintf en stdio-common/vfprintf.c en GNU C Library (tambi\u00e9n conocido como glibc) 2.5, 2.12 y probablemente otras versiones no \"restringe debidamente el uso de\" la funci\u00f3n alloca cuando asigna el array SPECS, lo que permite a atacantes dependientes de contexto evadir el mecanismo de protecci\u00f3n de cadenas de formato FORTIFY_SOURCE y causar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena de formato manipulada mediante el uso de par\u00e1metros posicionales y un gran n\u00famero de especificadores de formato, una vulnerabilidad diferente a CVE-2012-3404 y CVE-2012-3405."
}
],
"id": "CVE-2012-3406",
"lastModified": "2024-11-21T01:40:48.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-10T18:15:10.120",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1097.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1185.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/attachment.cgi?id=594722"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826943"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1097.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1185.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/attachment.cgi?id=594722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:17
Severity ?
Summary
The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 2.2 | |
| redhat | kvm | 83 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*",
"matchCriteriaId": "C9998FC2-8189-4269-BEF5-2044933ACB30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "La funcionalidad de inicializaci\u00f3n de subpaginas MMIO en la funci\u00f3n subpage_register de exec.c en QEMU-KVM, tal como se utiliza en Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y KVM 83, no selecciona adecuadamente el \u00edndice para acceder a la matriz de callback, lo que permite causar, a los usuarios del sistema operativo hu\u00e9sped, una denegaci\u00f3n de servicio (caida del sistema operativo) o posiblemente obtener privilegios mediante vectores no especificados."
}
],
"id": "CVE-2010-2784",
"lastModified": "2024-11-21T01:17:22.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-24T18:00:39.050",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://www.spinics.net/lists/kvm/msg39173.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=619411"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.spinics.net/lists/kvm/msg39173.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=619411"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-13 17:15
Modified
2024-11-21 02:18
Severity ?
Summary
vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2014-8167 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2014-8167 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.0 | |
| redhat | vdsclient | - | |
| redhat | virtual_desktop_server_manager | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:vdsclient:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92087AB4-2268-4863-ABD8-1B96C0D116A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtual_desktop_server_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A12291A0-97EA-4F4F-8444-397DB8899108",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack"
},
{
"lang": "es",
"value": "vdsm y vdsclient no comprueban la certificaci\u00f3n del nombre de host desde otro vdsm, lo que podr\u00eda facilitar un ataque de tipo man-in-the-middle."
}
],
"id": "CVE-2014-8167",
"lastModified": "2024-11-21T02:18:41.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-13T17:15:13.617",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2014-8167"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2014-8167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:12
Severity ?
Summary
The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 2.2 | |
| redhat | kvm | 83 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*",
"matchCriteriaId": "C9998FC2-8189-4269-BEF5-2044933ACB30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation."
},
{
"lang": "es",
"value": "El Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y KVM 83, cuando la extensi\u00f3n Intel VT-x est\u00e1 activada, permite causar, a los usuarios del sistema operativo hu\u00e9sped, una denegaci\u00f3n de servicio (uso de puntero nulo y caida del sistema operativo anfitri\u00f3n) a trav\u00e9s de vectores relacionados con la emulaci\u00f3n de instrucciones."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\r\n\u0027NULL Pointer Dereference\u0027",
"id": "CVE-2010-0435",
"lastModified": "2024-11-21T01:12:12.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-24T18:00:38.927",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42778"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2011/0012"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=570528"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=570528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:17
Severity ?
Summary
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic."
},
{
"lang": "es",
"value": "Virtual Desktop Server Manager (VDSM) en Red Hat Enterprise Virtualization (RHEV) v2.2 no acepta adecuadamente conexiones TCP para sesiones de SSL, que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (parada de demonio) a trav\u00e9s de tr\u00e1fico SSL debidamente modificado."
}
],
"id": "CVE-2010-2811",
"lastModified": "2024-11-21T01:17:25.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-24T18:00:39.190",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1024347"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/42580"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622928"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0628.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-09-08 15:59
Modified
2024-11-21 02:26
Severity ?
Summary
The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view."
},
{
"lang": "es",
"value": "Vulnerabilidad en la interfaz Web Admin en Red Hat Enterprise Virtualization Manager (RHEV-M), permite a usuarios locales eludir la funci\u00f3n timeout seleccionando una VM en la vista de cuadr\u00edcula VM."
}
],
"id": "CVE-2015-1841",
"lastModified": "2024-11-21T02:26:15.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-08T15:59:00.127",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1713.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1033459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1713.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033459"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-10 18:15
Modified
2024-11-21 01:40
Severity ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.12 | |
| redhat | enterprise_virtualization | 3.0 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| redhat | enterprise_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "D6DFE2D3-46E2-4D0C-8508-30307D654560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers."
},
{
"lang": "es",
"value": "La funci\u00f3n vfprintf en stdio-common/vfprintf.c en libc en GNU C Library (tambi\u00e9n conocido como glibc) 2.12 y otras versiones no calcula correctamente una longitud de buffer, lo que permite a atacantes dependientes de contexto evadir el mecanismo de protecci\u00f3n de cadenas de formato FORTIFY_SOURCE y causar una denegaci\u00f3n de servicio (corrupci\u00f3n de pila y ca\u00edda) a trav\u00e9s de una cadena de formato que utiliza par\u00e1metros posicionales y muchos especificadores de formato."
}
],
"id": "CVE-2012-3404",
"lastModified": "2024-11-21T01:40:48.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-10T18:15:10.013",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833703"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=12445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=12445"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-02 18:18
Modified
2024-11-21 00:49
Severity ?
Summary
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.5 | |
| jasper_project | jasper | 1.900.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB7C9732-1E89-4EE1-B603-291A79B227C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79C699BE-8585-4A07-88AE-E17CF17D92CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funci\u00f3n jas_stream_printf de libjasper/base/jas_stream.c en JasPer v1.900.1 puede permitir a atacantes dependientes de contexto tener un impacto desconocido a trav\u00e9s de vectores relacionados con la funci\u00f3n mif_hdr_put y la utilizaci\u00f3n de vsprintf."
}
],
"id": "CVE-2008-3522",
"lastModified": "2024-11-21T00:49:27.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-02T18:18:05.790",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://bugs.gentoo.org/attachment.cgi?id=163282\u0026action=view"
},
{
"source": "secalert@redhat.com",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=222819"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/33173"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/34391"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200812-18.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/31470"
},
{
"source": "secalert@redhat.com",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2015\u0026m=slackware-security.538606"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-742-1"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://bugs.gentoo.org/attachment.cgi?id=163282\u0026action=view"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=222819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200812-18.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2015\u0026m=slackware-security.538606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-742-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45623"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-31 23:55
Modified
2024-11-21 01:49
Severity ?
Summary
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.0 | |
| redhat | enterprise_linux | 6.0 | |
| palemoon | pale_moon | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:palemoon:pale_moon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC382A9A-521E-4EF7-8EAC-F262B26E4170",
"versionEndExcluding": "15.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en libpixman, utilizado en Pale Moon anterior a 15.4, tiene un impacto y vectores de ataque no especificados."
}
],
"evaluatorComment": "Adding additional products per \n\nhttp://rhn.redhat.com/errata/RHSA-2013-0687.html\n\nRed Hat Enterprise Linux 6\n\nhttp://rhn.redhat.com/errata/RHSA-2013-0746.html\n\nRed Hat Enterprise Virtualization 3",
"id": "CVE-2013-1591",
"lastModified": "2024-11-21T01:49:56.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2013-01-31T23:55:01.037",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0687.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0746.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.palemoon.org/releasenotes-ng.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=910149"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K51392553"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0687.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0746.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.palemoon.org/releasenotes-ng.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=910149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K51392553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-21 18:55
Modified
2024-11-21 01:51
Severity ?
Summary
Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 3.0 | |
| redhat | enterprise_virtualization | 3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB24864-E9F3-4EE2-BFA4-9C6C1EB9EF8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder."
},
{
"lang": "es",
"value": "Vulnerabilidad de ruta de b\u00fasqueda en Windows sin comillas de Red Hat Enterprise Virtualization (RHEV) 3 y 3.2 permite a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada en una carpeta sin especificar."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\n\n\"CWE-426: Untrusted Search Path\"",
"id": "CVE-2013-2151",
"lastModified": "2024-11-21T01:51:08.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-21T18:55:09.443",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0925.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/60473"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0925.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/60473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84868"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-03 18:59
Modified
2024-11-21 02:54
Severity ?
Summary
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 4.0 | |
| redhat | enterprise_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12544770-1AF9-4DD3-BC72-579DA0BC0F3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files."
},
{
"lang": "es",
"value": "La utilidad ovirt-engine-provisiondb en Red Hat Enterprise Virtualization (RHEV) Engine 4.0 permite a usuarios locales obtener informaci\u00f3n sensible del aprovisionamiento de la base de datos leyendo los archivos de registro."
}
],
"id": "CVE-2016-5432",
"lastModified": "2024-11-21T02:54:18.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-03T18:59:07.677",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1967.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/92694"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1371428"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1967.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1371428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-24 18:00
Modified
2024-11-21 01:12
Severity ?
Summary
QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=568809 | Patch, Vendor Advisory | |
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0622.html | Vendor Advisory | |
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0627.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=568809 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0622.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0627.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_virtualization | 2.2 | |
| redhat | kvm | 83 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C4DBCA-6BC6-4A13-8250-6CE0A7A6BCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*",
"matchCriteriaId": "C9998FC2-8189-4269-BEF5-2044933ACB30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "QEMU-KVM, tal como se utiliza en el Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y KVM 83, no valida correctamente los punteros a controladores QXL, lo que permite causar, a los usuarios del sistema operativo hu\u00e9sped, una denegaci\u00f3n de servicio (uso de puntero invalido y la ca\u00edda del sistema operativo hu\u00e9sped) o posiblemente ganar privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2010-0431",
"lastModified": "2024-11-21T01:12:12.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-24T18:00:38.817",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568809"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0627.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}