Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Virtualization Hypervisor
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0877 2 Python, Redhat 3 Pyxml, Enterprise Linux, Enterprise Virtualization Hypervisor 2024-02-28 7.8 HIGH 7.5 HIGH
PyXML: Hash table collisions CPU usage Denial of Service
CVE-2015-5201 1 Redhat 2 Enterprise Virtualization, Enterprise Virtualization Hypervisor 2024-02-28 5.0 MEDIUM 7.5 HIGH
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.
CVE-2010-0430 1 Redhat 1 Enterprise Virtualization Hypervisor 2024-02-28 7.4 HIGH N/A
libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings.
CVE-2011-1576 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Virtualization Hypervisor 2024-02-28 5.7 MEDIUM N/A
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.
CVE-2010-2223 1 Redhat 1 Enterprise Virtualization Hypervisor 2024-02-28 2.1 LOW N/A
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 does not properly perform VM post-zeroing after the removal of a virtual machine's data, which allows guest OS users to obtain sensitive information by examining the disk blocks associated with a deleted virtual machine.