Every CVE whose affected-product data names Redhat Virtualization, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (128)
CVE-2015-0235 — CVSS 10.0 (critical): Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows…
CVE-2017-7525 — CVSS 9.8 (critical): A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an…
CVE-2019-9636 — CVSS 9.8 (critical): Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during…
CVE-2019-3888 — CVSS 9.8 (critical): A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because…
CVE-2019-10160 — CVSS 9.8 (critical): A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions…
CVE-2019-10126 — CVSS 9.8 (critical): A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mw…
CVE-2018-8088 — CVSS 9.8 (critical): org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access…
CVE-2018-7750 — CVSS 9.8 (critical): transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5…
CVE-2018-17963 — CVSS 9.8 (critical): qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service…
CVE-2017-9214 — CVSS 9.8 (critical): In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused…
CVE-2017-7481 — CVSS 9.8 (critical): Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the…
CVE-2012-6075 — CVSS 9.3 (critical): Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP…
CVE-2015-5165 — CVSS 9.3 (critical): The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers…
CVE-2019-14859 — CVSS 9.1 (critical): A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding…
CVE-2015-7512 — CVSS 9.0 (critical): Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to…
CVE-2019-14287 — CVSS 8.8 (high): In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules…
CVE-2021-3621 — CVSS 8.8 (high): A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire…
CVE-2013-4535 — CVSS 8.8 (high): The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted…
CVE-2016-1568 — CVSS 8.8 (high): Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial…
CVE-2016-3710 — CVSS 8.8 (high): The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to…
CVE-2022-0435 — CVSS 8.8 (high): A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content…
CVE-2021-4154 — CVSS 8.8 (high): A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local…
CVE-2022-2132 — CVSS 8.6 (high): A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by…
CVE-2015-1779 — CVSS 8.6 (high): The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1)…
CVE-2014-0144 — CVSS 8.6 (high): QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions…
CVE-2018-10915 — CVSS 8.5 (high): A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between…
CVE-2016-2857 — CVSS 8.4 (high): The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap…
CVE-2018-10873 — CVSS 8.3 (high): A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient…
CVE-2018-11806 — CVSS 8.2 (high): m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
CVE-2023-1668 — CVSS 8.2 (high): A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action…
CVE-2018-5968 — CVSS 8.1 (high): FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix…
CVE-2020-25717 — CVSS 8.1 (high): A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible…
CVE-2018-1088 — CVSS 8.1 (high): A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also…
CVE-2018-10897 — CVSS 8.1 (high): A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository…
CVE-2019-3879 — CVSS 8.1 (high): It was discovered that in the ovirt's REST API before version 4.3.2.1, RemoveDiskCommand is triggered as an internal command, meaning the…
CVE-2016-5126 — CVSS 7.8 (high): Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of…
CVE-2017-7980 — CVSS 7.8 (high): Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute…
CVE-2018-10874 — CVSS 7.8 (high): In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under…
CVE-2018-10875 — CVSS 7.8 (high): A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a…
CVE-2018-13405 — CVSS 7.8 (high): The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group…
CVE-2018-5344 — CVSS 7.8 (high): In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of…
CVE-2018-6764 — CVSS 7.8 (high): util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an…
CVE-2019-10161 — CVSS 7.8 (high): It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc()…
CVE-2019-10166 — CVSS 7.8 (high): It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the…
CVE-2019-10167 — CVSS 7.8 (high): The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument…
CVE-2019-10168 — CVSS 7.8 (high): The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept…
CVE-2019-14816 — CVSS 7.8 (high): There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that…
CVE-2019-14835 — CVSS 7.8 (high): A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue…
CVE-2022-0330 — CVSS 7.8 (high): A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code…
CVE-2022-27666 — CVSS 7.8 (high): A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local…
CVE-2020-27827 — CVSS 7.5 (high): A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to…
CVE-2018-1000180 — CVSS 7.5 (high): Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator…
CVE-2017-10664 — CVSS 7.5 (high): qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by…
CVE-2014-7840 — CVSS 7.5 (high): The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute…
CVE-2015-3209 — CVSS 7.5 (high): Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with…
CVE-2019-3804 — CVSS 7.5 (high): It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack…
CVE-2014-3468 — CVSS 7.5 (high): The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which…
CVE-2018-5390 — CVSS 7.5 (high): Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every…
CVE-2018-17958 — CVSS 7.5 (high): Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
CVE-2018-16881 — CVSS 7.5 (high): A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the…
CVE-2009-4272 — CVSS 7.5 (high): A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to…
CVE-2009-3080 — CVSS 7.2 (high): Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause…
CVE-2013-4344 — CVSS 7.2 (high): Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local…
CVE-2017-15113 — CVSS 7.2 (high): ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can…
CVE-2012-3515 — CVSS 7.2 (high): Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS…
CVE-2021-3501 — CVSS 7.1 (high): A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index…
CVE-2009-3939 — CVSS 7.1 (high): The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows…
CVE-2023-5366 — CVSS 7.1 (high): A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This…
CVE-2017-7536 — CVSS 7.0 (high): In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions…
CVE-2021-3609 — CVSS 7.0 (high): .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to…
CVE-2015-3214 — CVSS 6.9 (medium): The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write…
CVE-2018-14660 — CVSS 6.5 (medium): A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote…
CVE-2018-14661 — CVSS 6.5 (medium): It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster…
CVE-2016-9921 — CVSS 6.5 (medium): Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while…
CVE-2021-3677 — CVSS 6.5 (medium): A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any…
CVE-2022-2805 — CVSS 6.5 (medium): A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw…
CVE-2016-9911 — CVSS 6.5 (medium): Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing…
CVE-2015-1780 — CVSS 6.5 (medium): oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center
CVE-2020-35497 — CVSS 6.5 (medium): A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including…
CVE-2016-9907 — CVSS 6.5 (medium): Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while…
CVE-2016-4020 — CVSS 6.5 (medium): The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS…
CVE-2018-10908 — CVSS 6.5 (medium): It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially…
CVE-2018-10930 — CVSS 6.5 (medium): A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a…
CVE-2018-1114 — CVSS 6.5 (medium): It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file…
CVE-2021-3634 — CVSS 6.5 (medium): A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the…
CVE-2018-14654 — CVSS 6.5 (medium): The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to…
CVE-2018-14659 — CVSS 6.5 (medium): The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_K…
CVE-2014-0147 — CVSS 6.2 (medium): Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a…
CVE-2018-1059 — CVSS 6.1 (medium): The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing…
CVE-2019-19336 — CVSS 6.1 (medium): A cross-site scripting vulnerability was reported in the oVirt-engine's OAuth authorization endpoint before version 4.3.8. URL parameters…
CVE-2016-8576 — CVSS 6.0 (medium): The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of…
CVE-2016-6835 — CVSS 6.0 (medium): The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to…
CVE-2016-8669 — CVSS 6.0 (medium): The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a…
CVE-2016-8910 — CVSS 6.0 (medium): The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial…
CVE-2016-7422 — CVSS 6.0 (medium): The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial…
CVE-2016-7466 — CVSS 6.0 (medium): Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS…
CVE-2016-8909 — CVSS 6.0 (medium): The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of…
CVE-2020-25657 — CVSS 5.9 (medium): A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API…
CVE-2018-10855 — CVSS 5.9 (medium): Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used…
CVE-2019-1559 — CVSS 5.9 (medium): If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive…
CVE-2018-10237 — CVSS 5.9 (medium): Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks…
CVE-2017-15119 — CVSS 5.8 (medium): The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a…
CVE-2018-3639 — CVSS 5.5 (medium): Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior…
CVE-2018-10862 — CVSS 5.5 (medium): WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted…
CVE-2021-3620 — CVSS 5.5 (medium): A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is…
CVE-2016-5403 — CVSS 5.5 (medium): The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory…
CVE-2015-5160 — CVSS 5.5 (medium): libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to…
CVE-2022-2078 — CVSS 5.5 (medium): A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer…
CVE-2014-0148 — CVSS 5.5 (medium): Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT…
CVE-2017-5973 — CVSS 5.5 (medium): The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of…
CVE-2018-1073 — CVSS 5.3 (medium): The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords…
CVE-2017-7539 — CVSS 5.3 (medium): An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where…
CVE-2014-7815 — CVSS 5.0 (medium): The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel…
CVE-2014-3467 — CVSS 5.0 (medium): Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a…
CVE-2014-3469 — CVSS 5.0 (medium): The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a…
CVE-2016-8647 — CVSS 4.9 (medium): An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in…
CVE-2017-12196 — CVSS 4.8 (medium): undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not…
CVE-2022-0207 — CVSS 4.7 (medium): A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear…
CVE-2016-6888 — CVSS 4.4 (medium): Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators…
CVE-2018-10858 — CVSS 4.3 (medium): A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server…
CVE-2019-14850 — CVSS 3.7 (low): A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and…
CVE-2009-2910 — CVSS 2.1 (low): arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a…
CVE-2014-3615 — CVSS 2.1 (low): The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.