Vulnerabilities > Redhat > Virtualization > 4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-18	CVE-2020-27827	Resource Exhaustion vulnerability in multiple products A flaw was found in multiple versions of OpenvSwitch. network low complexity lldpd-project openvswitch redhat fedoraproject siemens CWE-400	7.5
2021-01-12	CVE-2020-25657	Covert Timing Channel vulnerability in multiple products A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. network high complexity m2crypto-project redhat fedoraproject CWE-385	5.9
2020-12-21	CVE-2020-35497	Improper Access Control vulnerability in multiple products A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name, email and public SSH key. network low complexity ovirt redhat CWE-284	6.5
2020-01-02	CVE-2019-14859	Improper Verification of Cryptographic Signature vulnerability in multiple products A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. network low complexity python-ecdsa-project redhat CWE-347	6.4
2019-09-20	CVE-2019-14816	Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. local low complexity linux redhat debian fedoraproject netapp canonical opensuse CWE-122	7.8
2019-09-17	CVE-2019-14835	Classic Buffer Overflow vulnerability in multiple products A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. local low complexity linux canonical debian fedoraproject opensuse netapp redhat huawei CWE-120	7.8
2019-07-30	CVE-2019-10161	Missing Authorization vulnerability in multiple products It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. local low complexity redhat canonical CWE-862	7.8
2019-06-14	CVE-2019-10126	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in the Linux kernel. network low complexity linux redhat canonical debian opensuse netapp CWE-122 critical	9.8
2019-06-12	CVE-2019-3888	Information Exposure Through Log Files vulnerability in multiple products A vulnerability was found in Undertow web server before 2.0.21. network low complexity redhat netapp CWE-532	5.0
2019-06-07	CVE-2019-10160	Encoding Error vulnerability in multiple products A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. network low complexity python redhat debian opensuse fedoraproject canonical netapp CWE-172 critical	9.8