Vulnerabilities > Redhat > Enterprise Virtualization > 3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-25 | CVE-2015-5201 | Missing Authentication for Critical Function vulnerability in Redhat products VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors. | 7.5 |
2019-11-13 | CVE-2014-8167 | Improper Certificate Validation vulnerability in Redhat products vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack | 5.9 |
2019-11-04 | CVE-2013-4280 | Exposure of Resource to Wrong Sphere vulnerability in Redhat products Insecure temporary file vulnerability in RedHat vsdm 4.9.6. | 5.5 |
2017-08-22 | CVE-2016-6310 | Information Exposure vulnerability in Redhat Enterprise Virtualization oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0. | 5.5 |
2013-01-31 | CVE-2013-1591 | Integer Overflow or Wraparound vulnerability in multiple products Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. | 9.8 |