libvirt (SUSE:Linux Enterprise Server for SAP Applications 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server for SAP Applications 15 package libvirt, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (14)
CVE-2020-15708 — CVSS 9.3 (critical): Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to…
CVE-2020-25637 — CVSS 6.7 (medium): A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about…
CVE-2020-10703 — CVSS 6.5 (medium): A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for…
CVE-2021-3975 — CVSS 6.5 (medium): A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple…
CVE-2021-4147 — CVSS 6.5 (medium): A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock…
CVE-2021-22191 — CVSS 6.3 (medium): Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted…
CVE-2021-22207 — CVSS 5.5 (medium): Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet…
CVE-2020-26421 — CVSS 4.2 (medium): Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet…
CVE-2020-26422 — CVSS 3.7 (low): Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file
CVE-2021-22173 — CVSS 3.7 (low): Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
CVE-2021-22174 — CVSS 3.7 (low): Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
CVE-2020-26419 — CVSS 3.1 (low): Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
CVE-2020-26418 — CVSS 3.1 (low): Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted…
CVE-2020-26420 — CVSS 3.1 (low): Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted…