Vulnerabilities > Redhat > Enterprise Virtualization > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-04 | CVE-2013-4280 | Exposure of Resource to Wrong Sphere vulnerability in Redhat products Insecure temporary file vulnerability in RedHat vsdm 4.9.6. | 2.1 |
| 2018-07-27 | CVE-2017-2614 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Redhat Enterprise Virtualization 4.0 When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. | 2.1 |
| 2017-08-22 | CVE-2016-6310 | Information Exposure vulnerability in Redhat Enterprise Virtualization oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0. | 2.1 |
| 2016-10-03 | CVE-2016-5432 | Information Exposure Through Log Files vulnerability in Redhat Enterprise Virtualization 4.0 The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files. | 3.3 |
| 2015-09-08 | CVE-2015-1841 | Code vulnerability in Redhat Enterprise Virtualization 3.0 The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view. | 3.7 |
| 2014-08-03 | CVE-2014-5177 | Improper Input Validation vulnerability in multiple products libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. | 1.2 |
| 2013-08-19 | CVE-2013-0167 | Denial of Service vulnerability in Red Hat Enterprise Virtualization Hypervisor VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields." low complexity redhat | 2.7 |