Vulnerabilities > Redhat > Enterprise Virtualization Hypervisor
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-25 | CVE-2015-5201 | Missing Authentication for Critical Function vulnerability in Redhat products VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors. | 7.5 |
| 2019-11-22 | CVE-2012-0877 | Resource Exhaustion vulnerability in multiple products PyXML: Hash table collisions CPU usage Denial of Service | 7.8 |
| 2013-12-27 | CVE-2010-0430 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat Enterprise Virtualization Hypervisor libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings. | 7.4 |
| 2010-06-24 | CVE-2010-2223 | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Virtualization Hypervisor Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 does not properly perform VM post-zeroing after the removal of a virtual machine's data, which allows guest OS users to obtain sensitive information by examining the disk blocks associated with a deleted virtual machine. | 2.1 |