Vulnerabilities > Redhat > Virtualization > 4.0

DATE CVE VULNERABILITY TITLE RISK
2021-03-18 CVE-2020-27827 A flaw was found in multiple versions of OpenvSwitch. 7.5
2021-01-12 CVE-2020-25657 A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext.
network
high complexity
m2crypto-project redhat fedoraproject
5.9
2020-12-21 CVE-2020-35497 A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name, email and public SSH key.
network
low complexity
ovirt redhat
6.5
2020-01-02 CVE-2019-14859 Improper Verification of Cryptographic Signature vulnerability in multiple products
A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding.
network
low complexity
python-ecdsa-project redhat CWE-347
critical
9.1
2019-09-20 CVE-2019-14816 There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. 7.8
2019-09-17 CVE-2019-14835 A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. 7.8
2019-07-30 CVE-2019-10161 Missing Authorization vulnerability in multiple products
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process.
local
low complexity
redhat canonical CWE-862
7.8
2019-06-14 CVE-2019-10126 A flaw was found in the Linux kernel.
network
low complexity
linux redhat canonical debian opensuse netapp
critical
9.8
2019-06-12 CVE-2019-3888 Information Exposure Through Log Files vulnerability in multiple products
A vulnerability was found in Undertow web server before 2.0.21.
network
low complexity
redhat netapp CWE-532
critical
9.8
2019-06-07 CVE-2019-10160 A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL.
network
low complexity
python redhat debian opensuse fedoraproject canonical netapp
critical
9.8