Vulnerabilities > Redhat > Enterprise Virtualization

DATE | CVE | VULNERABILITY TITLE | RISK

2010-08-24 | CVE-2010-2811 | Denial of Service vulnerability in Redhat Enterprise Virtualization 2.2 | 5.7
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic.

2010-08-24 | CVE-2010-2784 | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Virtualization and KVM | 6.6
The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
local | redhat | CWE-264

2010-08-24 | CVE-2010-0431 | Improper Input Validation vulnerability in Redhat Enterprise Virtualization and KVM | 6.6
QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
local | redhat | CWE-20

2010-08-24 | CVE-2010-0429 | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Virtualization and Qspice | 6.6
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
local | redhat | CWE-264

2010-08-24 | CVE-2010-0428 | Improper Input Validation vulnerability in Redhat Enterprise Virtualization and Qspice | 6.6
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
local | redhat | CWE-20

2008-10-02 | CVE-2008-3522 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products | critical 10.0
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
network | low complexity | redhat | jasper-project | CWE-119