Vulnerabilities > Redhat > Enterprise Virtualization Hypervisor > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-25	CVE-2015-5201	Missing Authentication for Critical Function vulnerability in Redhat products VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors. network low complexity redhat CWE-306	7.5
2019-11-22	CVE-2012-0877	Resource Exhaustion vulnerability in multiple products PyXML: Hash table collisions CPU usage Denial of Service network low complexity python redhat CWE-400	7.8
2013-12-27	CVE-2010-0430	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat Enterprise Virtualization Hypervisor libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings. redhat CWE-119	7.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.