Vulnerabilities > Redhat > Ovirt Engine > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-24 | CVE-2020-10775 | Open Redirect vulnerability in multiple products An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. | 5.3 |
| 2019-11-22 | CVE-2015-1780 | Incorrect Authorization vulnerability in Redhat Ovirt-Engine and Virtualization oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center | 4.0 |
| 2017-08-07 | CVE-2016-3113 | Cross-site Scripting vulnerability in Redhat Ovirt-Engine Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
| 2017-06-06 | CVE-2016-3077 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Redhat Ovirt-Engine The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs. | 4.0 |