) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2015-5201 |
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors. Published: February 25, 2020; 4:15:10 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2016-6310 |
oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0. Published: August 22, 2017; 2:29:00 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
| CVE-2010-2811 |
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote attackers to cause a denial of service (daemon outage) via crafted SSL traffic. Published: August 24, 2010; 2:00:39 PM -0400 |
V3.x:(not available) V2.0: 5.7 MEDIUM |
| CVE-2010-2784 |
The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors. Published: August 24, 2010; 2:00:39 PM -0400 |
V3.x:(not available) V2.0: 6.6 MEDIUM |
| CVE-2010-0435 |
The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation. Published: August 24, 2010; 2:00:38 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
| CVE-2010-0431 |
QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors. Published: August 24, 2010; 2:00:38 PM -0400 |
V3.x:(not available) V2.0: 6.6 MEDIUM |
| CVE-2010-0429 |
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors. Published: August 24, 2010; 2:00:23 PM -0400 |
V3.x:(not available) V2.0: 6.6 MEDIUM |
| CVE-2010-0428 |
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors. Published: August 24, 2010; 2:00:01 PM -0400 |
V3.x:(not available) V2.0: 6.6 MEDIUM |