Vulnerabilities > Redhat > Virtualization > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-3501 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.12. | 3.6 |
| 2021-03-18 | CVE-2019-14850 | Insufficient Control of Network Message Volume (Network Amplification) vulnerability in multiple products A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. | 2.6 |
| 2018-08-20 | CVE-2015-5160 | Information Exposure vulnerability in multiple products libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. | 2.1 |
| 2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 2.1 |
| 2018-04-24 | CVE-2018-1059 | Information Exposure vulnerability in multiple products The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. | 2.9 |
| 2018-01-23 | CVE-2018-5683 | Out-of-bounds Read vulnerability in multiple products The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. | 2.1 |