redhat virtualization
151 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-5366
all versions
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rul
7.1
HIGH
CVE-2023-4911
all versions
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment varia
7.8
HIGH
CVE-2023-1668
all versions
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without th
8.2
HIGH
CVE-2022-2805
all versions
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This f
6.5
MEDIUM
CVE-2014-0148
all versions
Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating B
5.5
MEDIUM
CVE-2014-0147
all versions
Qemu before 1.6.2 block driver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable t
6.2
MEDIUM
CVE-2014-0144
all versions
QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corr
8.6
HIGH
CVE-2022-2132
all versions
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service trigg
8.6
HIGH
CVE-2022-0207
all versions
A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored
4.7
MEDIUM
CVE-2022-2078
all versions
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function. This flaw allows an attacker to trigger a bu
5.5
MEDIUM
CVE-2022-0435
all versions
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious
8.8
HIGH
CVE-2022-0330
all versions
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicio
7.8
HIGH
CVE-2022-27666
all versions
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a
7.8
HIGH
CVE-2021-3620
all versions
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials i
5.5
MEDIUM
CVE-2021-3609
all versions
A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsy
7.0
HIGH
CVE-2021-3677
all versions
A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, a
6.5
MEDIUM
CVE-2020-25717
all versions
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possibl
8.1
HIGH
CVE-2021-3560
all versions
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the
7.8
HIGH
CVE-2021-4154
all versions
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A loca
8.8
HIGH
CVE-2021-3621
all versions
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire s
8.8
HIGH
CVE-2021-3634
all versions
A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime
6.5
MEDIUM
CVE-2021-20191
all versions
A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_l
5.5
MEDIUM
CVE-2021-3501
all versions
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array i
7.1
HIGH
CVE-2019-14850
all versions
A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit serv
3.7
LOW
CVE-2020-27827
all versions
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating d
7.5
HIGH
CVE-2020-25657
all versions
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decry
5.9
MEDIUM
CVE-2020-35497
all versions
A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, inclu
6.5
MEDIUM
CVE-2020-10775
all versions
An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect us
5.3
MEDIUM
CVE-2019-19336
all versions
A cross-site scripting vulnerability was reported in the oVirt-engine's OAuth authorization endpoint before version 4.3.8. URL par
6.1
MEDIUM
CVE-2013-4535
all versions
The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a
8.8
HIGH
CVE-2019-14859
all versions
A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encodin
9.1
CRITICAL
CVE-2015-1780
all versions
oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center
6.5
MEDIUM
CVE-2019-14287
all versions
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM
8.8
HIGH
CVE-2019-14816
all versions
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel,
7.8
HIGH
CVE-2019-14835
all versions
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates
7.8
HIGH
CVE-2019-10168
all versions
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.
7.8
HIGH
CVE-2019-10167
all versions
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" a
7.8
HIGH
CVE-2019-10166
all versions
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the vir
7.8
HIGH
CVE-2019-10161
all versions
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXM
7.8
HIGH
CVE-2019-10126
all versions
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/
9.8
CRITICAL
CVE-2019-3888
all versions
A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log file
9.8
CRITICAL
CVE-2019-10160
all versions
A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting ve
9.8
CRITICAL
CVE-2019-3804
all versions
It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service
7.5
HIGH
CVE-2019-3879
all versions
It was discovered that in the ovirt's REST API before version 4.3.2.1, RemoveDiskCommand is triggered as an internal command, mean
8.1
HIGH
CVE-2019-9636
all versions
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc)
9.8
CRITICAL
CVE-2019-1559
all versions
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to
5.9
MEDIUM
CVE-2018-16881
all versions
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to
7.5
HIGH
CVE-2018-14660
all versions
A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A re
6.5
MEDIUM
CVE-2018-14661
all versions
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluste
6.5
MEDIUM
CVE-2018-14659
all versions
The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOST
6.5
MEDIUM
CVE-2018-14654
all versions
The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with ac
6.5
MEDIUM
CVE-2018-17963
all versions
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial o
9.8
CRITICAL
CVE-2018-17958
all versions
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
7.5
HIGH
CVE-2018-1114
all versions
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cau
6.5
MEDIUM
CVE-2018-10930
all versions
A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write
6.5
MEDIUM
CVE-2018-10858
all versions
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba
4.3
MEDIUM
CVE-2015-5160
all versions
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local
5.5
MEDIUM
CVE-2018-10873
all versions
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked suff
8.3
HIGH
CVE-2018-10915
all versions
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state
8.5
HIGH
CVE-2018-10908
all versions
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a spec
6.5
MEDIUM
CVE-2018-5390
all versions
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for ev
7.5
HIGH
CVE-2018-10897
all versions
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repositor
8.1
HIGH
CVE-2017-15119
all versions
The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could oc
5.8
MEDIUM
CVE-2017-15113
all versions
ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administr
7.2
HIGH
CVE-2018-10862
all versions
WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of cr
5.5
MEDIUM
CVE-2017-7539
all versions
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiati
5.3
MEDIUM
CVE-2016-8647
all versions
An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a pa
4.9
MEDIUM
CVE-2017-7481
all versions
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control t
9.8
CRITICAL
CVE-2018-10875
all versions
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plu
7.8
HIGH
CVE-2018-13405
all versions
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended
7.8
HIGH
CVE-2018-10855
all versions
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has b
5.9
MEDIUM
CVE-2018-10874
all versions
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are u
7.8
HIGH
CVE-2018-1073
all versions
The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passw
5.3
MEDIUM
CVE-2018-11806
all versions
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
8.2
HIGH
CVE-2018-1000180
all versions
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair genera
7.5
HIGH
CVE-2018-3639
all versions
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all
5.5
MEDIUM
CVE-2018-10237
all versions
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service a
5.9
MEDIUM
CVE-2018-1059
all versions
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when p
6.1
MEDIUM
CVE-2018-1088
all versions
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could
8.1
HIGH
CVE-2017-12196
all versions
undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server d
4.8
MEDIUM
CVE-2018-8088
all versions
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended acce
9.8
CRITICAL
CVE-2018-7750
all versions
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.
9.8
CRITICAL
CVE-2018-6764
all versions
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to b
7.8
HIGH
CVE-2017-7525
all versions
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an un
9.8
CRITICAL
CVE-2018-5968
all versions
FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incom
8.1
HIGH
CVE-2018-5344
all versions
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a d
7.8
HIGH
CVE-2017-7536
all versions
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permis
7.0
HIGH
CVE-2017-10664
all versions
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon
7.5
HIGH
CVE-2017-7980
all versions
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users t
7.8
HIGH
CVE-2017-9214
all versions
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that i
9.8
CRITICAL
CVE-2017-5973
all versions
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a d
5.5
MEDIUM
CVE-2016-9921
all versions
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur
6.5
MEDIUM
CVE-2016-9911
all versions
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while proc
6.5
MEDIUM
CVE-2016-9907
all versions
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while
6.5
MEDIUM
CVE-2016-7466
all versions
Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local
6.0
MEDIUM
CVE-2016-7422
all versions
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a
6.0
MEDIUM
CVE-2016-6888
all versions
Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS adminis
4.4
MEDIUM
CVE-2016-6835
all versions
The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrato
6.0
MEDIUM
CVE-2016-8910
all versions
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause
6.0
MEDIUM
CVE-2016-8909
all versions
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a d
6.0
MEDIUM
CVE-2016-8669
all versions
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cau
6.0
MEDIUM
CVE-2016-8576
all versions
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a den
6.0
MEDIUM
CVE-2016-5403
all versions
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory
5.5
MEDIUM
CVE-2016-5126
all versions
Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial
7.8
HIGH
CVE-2016-4020
all versions
The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS a
6.5
MEDIUM
CVE-2016-3710
all versions
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administr
8.8
HIGH
CVE-2016-2857
all versions
The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bou
8.4
HIGH
CVE-2016-1568
all versions
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause
8.8
HIGH
CVE-2015-1779
all versions
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a la
8.6
HIGH
CVE-2015-7512
all versions
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attacker
9.0
CRITICAL
CVE-2015-3214
all versions
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths a
CVE-2015-5165
all versions
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote at
CVE-2015-2581
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.1 and 5.2 allows remote attacke
CVE-2015-3209
all versions
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet w
CVE-2014-0230
all versions
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occ
CVE-2015-0235
all versions
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows con
CVE-2014-7840
all versions
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute
CVE-2014-7815
all versions
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_p
CVE-2014-3615
all versions
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
CVE-2014-6459
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attacke
CVE-2014-2476
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attacke
CVE-2014-2475
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows r
CVE-2014-2474
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attacke
CVE-2014-2473
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attacke
CVE-2014-2472
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attacke
CVE-2014-7169
all versions
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environme
9.8
CRITICAL
CVE-2014-6271
all versions
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows re
9.8
CRITICAL
CVE-2014-4232
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 al
CVE-2014-3469
all versions
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to ca
CVE-2014-3468
all versions
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identifie
CVE-2014-3467
all versions
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to c
CVE-2014-2463
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 al
CVE-2014-2439
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 5.0 and 5.1 allows remote a
CVE-2014-0160
all versions
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which
7.5
HIGH
CVE-2013-3834
all versions
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote attackers to affe
CVE-2013-4344
all versions
Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, all
CVE-2013-3782
all versions
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71
CVE-2013-3779
all versions
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7
CVE-2012-6075
all versions
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when t
CVE-2013-0420
all versions
Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect inte
CVE-2012-3515
all versions
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows l
CVE-2012-3221
all versions
Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to
CVE-2012-1685
all versions
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows remote attackers to affect in
CVE-2012-0111
all versions
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confiden
CVE-2012-0105
all versions
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confiden
CVE-2011-3571
all versions
Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authent
CVE-2011-3538
all versions
Unspecified vulnerability in the Sun Ray component in Oracle Virtualization 4.0 allows remote attackers to affect integrity, relat
CVE-2009-4272
all versions
A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attacke
7.5
HIGH
CVE-2009-3080
all versions
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users
CVE-2009-3939
all versions
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which a
7.1
HIGH
CVE-2009-2910
all versions
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers befor
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin