libvirt (SUSE:Linux Enterprise Server 12-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12-LTSS package libvirt, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (10)
CVE-2016-5008 — CVSS 9.8 (critical): libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote…
CVE-2019-10161 — CVSS 7.8 (high): It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc()…
CVE-2018-1064 — CVSS 7.5 (high): libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects…
CVE-2018-5748 — CVSS 7.5 (high): qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
CVE-2018-12130 — CVSS 5.9 (medium): Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an…
CVE-2018-12127 — CVSS 5.6 (medium): Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an…
CVE-2018-12126 — CVSS 5.6 (medium): Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an…
CVE-2017-5715 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of…
CVE-2019-11091 — CVSS 5.6 (medium): Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may…
CVE-2018-3639 — CVSS 5.5 (medium): Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior…