Search Results (Refine Search)
- CPE Product Version: cpe:/o:redhat:enterprise_virtualization_manager:2.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-5516 |
Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via unspecified vectors. Published: January 04, 2013; 5:55:02 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2012-0860 |
Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, allow local users to gain privileges via a Trojan horse (1) deployUtil.py or (2) vds_bootstrap.py Python module in /tmp/. Published: January 04, 2013; 5:55:01 PM -0500 |
V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-2010-2793 |
Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving knowledge of the name of this named pipe, in conjunction with use of the ImpersonateNamedPipeClient function. Published: December 08, 2010; 1:00:03 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-2224 |
The snapshot merging functionality in Red Hat Enterprise Virtualization Manager (aka RHEV-M) before 2.2 does not properly pass the postzero parameter during operations on deleted volumes, which allows guest OS users to obtain sensitive information by examining the disk blocks associated with a deleted virtual machine. Published: June 24, 2010; 1:30:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |