| 0 |
| url |
VCID-4sf9-8j9p-3fgz |
| vulnerability_id |
VCID-4sf9-8j9p-3fgz |
| summary |
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-1441
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4sf9-8j9p-3fgz |
|
| 1 |
| url |
VCID-522f-y6qx-nfhn |
| vulnerability_id |
VCID-522f-y6qx-nfhn |
| summary |
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.9-9 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9 |
|
|
| aliases |
CVE-2014-7823
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-522f-y6qx-nfhn |
|
| 2 |
| url |
VCID-53fz-t4zs-7kbk |
| vulnerability_id |
VCID-53fz-t4zs-7kbk |
| summary |
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2021-3975
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-53fz-t4zs-7kbk |
|
| 3 |
| url |
VCID-5th2-yymu-x7hm |
| vulnerability_id |
VCID-5th2-yymu-x7hm |
| summary |
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
| 1 |
| url |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| purl |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 4 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 5 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 6 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 7 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 8 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 9 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 10 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 11 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 12 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 13 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 14 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 15 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 16 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 17 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 18 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 19 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 20 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 21 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 22 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 23 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 24 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 25 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 26 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 27 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 28 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 29 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 30 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 31 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 32 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 33 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 34 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 35 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 36 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 37 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 38 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 39 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.4-1~bpo70%252B1.1 |
|
|
| aliases |
CVE-2014-1447
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5th2-yymu-x7hm |
|
| 4 |
| url |
VCID-6pj3-mq9g-yye9 |
| vulnerability_id |
VCID-6pj3-mq9g-yye9 |
| summary |
An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unprivileged users with a read-only connection to cause a memory leak in the domstats command, resulting in a potential denial of service. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2020-12430
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6pj3-mq9g-yye9 |
|
| 5 |
| url |
VCID-75av-3nr7-bkh1 |
| vulnerability_id |
VCID-75av-3nr7-bkh1 |
| summary |
A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1 |
|
|
| aliases |
CVE-2017-2635
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-75av-3nr7-bkh1 |
|
| 6 |
| url |
VCID-7ezn-r2xq-c7de |
| vulnerability_id |
VCID-7ezn-r2xq-c7de |
| summary |
The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
| 1 |
| url |
pkg:deb/debian/libvirt@1.2.9-9 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9 |
|
|
| aliases |
CVE-2014-3633
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7ezn-r2xq-c7de |
|
| 7 |
| url |
VCID-7ks5-8e2n-tua4 |
| vulnerability_id |
VCID-7ks5-8e2n-tua4 |
| summary |
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4311
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7ks5-8e2n-tua4 |
|
| 8 |
| url |
VCID-8fmd-jdpb-v7eb |
| vulnerability_id |
VCID-8fmd-jdpb-v7eb |
| summary |
The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4154
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8fmd-jdpb-v7eb |
|
| 9 |
| url |
VCID-8frc-fhvs-bucm |
| vulnerability_id |
VCID-8frc-fhvs-bucm |
| summary |
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
| 1 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4296
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8frc-fhvs-bucm |
|
| 10 |
| url |
VCID-8u2b-ad6e-ukaw |
| vulnerability_id |
VCID-8u2b-ad6e-ukaw |
| summary |
A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2019-3840
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8u2b-ad6e-ukaw |
|
| 11 |
| url |
VCID-8wxg-1wr8-rfca |
| vulnerability_id |
VCID-8wxg-1wr8-rfca |
| summary |
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.9-9 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9 |
|
|
| aliases |
CVE-2015-0236
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8wxg-1wr8-rfca |
|
| 12 |
| url |
VCID-9cft-v9u9-fubh |
| vulnerability_id |
VCID-9cft-v9u9-fubh |
| summary |
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.9-9 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9 |
|
|
| aliases |
CVE-2014-8136
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9cft-v9u9-fubh |
|
| 13 |
|
| 14 |
| url |
VCID-b83z-k3uw-sqfs |
| vulnerability_id |
VCID-b83z-k3uw-sqfs |
| summary |
The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2011-2178
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b83z-k3uw-sqfs |
|
| 15 |
| url |
VCID-bes6-jjfw-tbdx |
| vulnerability_id |
VCID-bes6-jjfw-tbdx |
| summary |
libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1 |
|
|
| aliases |
CVE-2016-10746
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bes6-jjfw-tbdx |
|
| 16 |
| url |
VCID-bw47-fewt-2fax |
| vulnerability_id |
VCID-bw47-fewt-2fax |
| summary |
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --inactive" command. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-2218
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bw47-fewt-2fax |
|
| 17 |
| url |
VCID-bzyu-42js-e3e6 |
| vulnerability_id |
VCID-bzyu-42js-e3e6 |
| summary |
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2019-10132
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bzyu-42js-e3e6 |
|
| 18 |
|
| 19 |
| url |
VCID-cjpk-feb2-zqds |
| vulnerability_id |
VCID-cjpk-feb2-zqds |
| summary |
A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2021-4147
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cjpk-feb2-zqds |
|
| 20 |
| url |
VCID-db3h-q8fp-b3ds |
| vulnerability_id |
VCID-db3h-q8fp-b3ds |
| summary |
The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt 1.0.5 through 1.2.0 does not properly check the status of LXC guests when reading memory tunables, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) via a guest in the shutdown status, as demonstrated by the "virsh memtune" command. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-6436
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-db3h-q8fp-b3ds |
|
| 21 |
| url |
VCID-dqys-qxtq-7yd9 |
| vulnerability_id |
VCID-dqys-qxtq-7yd9 |
| summary |
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| purl |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 4 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 5 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 6 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 7 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 8 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 9 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 10 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 11 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 12 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 13 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 14 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 15 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 16 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 17 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 18 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 19 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 20 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 21 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 22 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 23 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 24 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 25 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 26 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 27 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 28 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 29 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 30 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 31 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 32 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 33 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 34 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 35 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 36 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 37 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 38 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 39 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.4-1~bpo70%252B1.1 |
|
|
| aliases |
CVE-2014-0028
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dqys-qxtq-7yd9 |
|
| 22 |
| url |
VCID-etr9-c84d-vuhr |
| vulnerability_id |
VCID-etr9-c84d-vuhr |
| summary |
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2019-10168
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-etr9-c84d-vuhr |
|
| 23 |
| url |
VCID-g2pc-1es2-3qer |
| vulnerability_id |
VCID-g2pc-1es2-3qer |
| summary |
The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4399
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pc-1es2-3qer |
|
| 24 |
| url |
VCID-g3k9-1rc3-xfhu |
| vulnerability_id |
VCID-g3k9-1rc3-xfhu |
| summary |
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the (3) virDomainShutdown or (4) virDomainReboot API and a symlink attack on /dev/initctl in the container, related to "paths under /proc/$PID/root" and the virInitctlSetRunLevel function. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| purl |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 4 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 5 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 6 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 7 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 8 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 9 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 10 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 11 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 12 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 13 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 14 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 15 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 16 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 17 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 18 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 19 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 20 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 21 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 22 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 23 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 24 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 25 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 26 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 27 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 28 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 29 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 30 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 31 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 32 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 33 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 34 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 35 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 36 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 37 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 38 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 39 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.4-1~bpo70%252B1.1 |
|
|
| aliases |
CVE-2013-6456
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g3k9-1rc3-xfhu |
|
| 25 |
| url |
VCID-g59s-kpjm-dbbg |
| vulnerability_id |
VCID-g59s-kpjm-dbbg |
| summary |
The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.9-9 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9 |
|
|
| aliases |
CVE-2014-3657
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g59s-kpjm-dbbg |
|
| 26 |
| url |
VCID-g94m-69qv-8kgk |
| vulnerability_id |
VCID-g94m-69qv-8kgk |
| summary |
The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.9-9 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9 |
|
|
| aliases |
CVE-2014-8135
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g94m-69qv-8kgk |
|
| 27 |
| url |
VCID-gneu-b3qk-q7e4 |
| vulnerability_id |
VCID-gneu-b3qk-q7e4 |
| summary |
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-2494
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gneu-b3qk-q7e4 |
|
| 28 |
| url |
VCID-h8hd-mdcx-tben |
| vulnerability_id |
VCID-h8hd-mdcx-tben |
| summary |
The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-5651
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h8hd-mdcx-tben |
|
| 29 |
| url |
VCID-j5b5-zjxe-ffhu |
| vulnerability_id |
VCID-j5b5-zjxe-ffhu |
| summary |
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.9-9%2Bdeb8u5 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9%2Bdeb8u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9%252Bdeb8u5 |
|
| 1 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1 |
|
|
| aliases |
CVE-2016-5008
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j5b5-zjxe-ffhu |
|
| 30 |
| url |
VCID-j71z-t8bh-wbb4 |
| vulnerability_id |
VCID-j71z-t8bh-wbb4 |
| summary |
An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-3667
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j71z-t8bh-wbb4 |
|
| 31 |
| url |
VCID-jtjs-y7k7-r7ae |
| vulnerability_id |
VCID-jtjs-y7k7-r7ae |
| summary |
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2019-10166
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jtjs-y7k7-r7ae |
|
| 32 |
| url |
VCID-jzhx-dfgg-37ct |
| vulnerability_id |
VCID-jzhx-dfgg-37ct |
| summary |
The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4297
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jzhx-dfgg-37ct |
|
| 33 |
| url |
VCID-k2ku-9mx2-b3a9 |
| vulnerability_id |
VCID-k2ku-9mx2-b3a9 |
| summary |
Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write to arbitrary files via a .. (dot dot) in a volume name. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1 |
|
|
| aliases |
CVE-2015-5313
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k2ku-9mx2-b3a9 |
|
| 34 |
|
| 35 |
| url |
VCID-kn2h-kurp-pbcc |
| vulnerability_id |
VCID-kn2h-kurp-pbcc |
| summary |
The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via unspecified vectors involving "multiple events registration." |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-2230
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kn2h-kurp-pbcc |
|
| 36 |
| url |
VCID-kqsz-xg9j-ukeu |
| vulnerability_id |
VCID-kqsz-xg9j-ukeu |
| summary |
The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4239
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kqsz-xg9j-ukeu |
|
| 37 |
| url |
VCID-kta6-5pt1-27at |
| vulnerability_id |
VCID-kta6-5pt1-27at |
| summary |
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.9-9 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9 |
|
|
| aliases |
CVE-2014-8131
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kta6-5pt1-27at |
|
| 38 |
| url |
VCID-mtgm-vqw9-1ubf |
| vulnerability_id |
VCID-mtgm-vqw9-1ubf |
| summary |
qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage). |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2019-20485
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mtgm-vqw9-1ubf |
|
| 39 |
| url |
VCID-myg3-46rj-3qax |
| vulnerability_id |
VCID-myg3-46rj-3qax |
| summary |
A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set, this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero, potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2020-10701
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-myg3-46rj-3qax |
|
| 40 |
| url |
VCID-mzv1-uhwm-fqd2 |
| vulnerability_id |
VCID-mzv1-uhwm-fqd2 |
| summary |
The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-7336
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mzv1-uhwm-fqd2 |
|
| 41 |
| url |
VCID-n2nm-knaw-gkgx |
| vulnerability_id |
VCID-n2nm-knaw-gkgx |
| summary |
libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.9-9%2Bdeb8u5 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9%2Bdeb8u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9%252Bdeb8u5 |
|
| 1 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u4 |
|
| 2 |
|
|
| aliases |
CVE-2018-1064
|
| risk_score |
1.5 |
| exploitability |
0.5 |
| weighted_severity |
3.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n2nm-knaw-gkgx |
|
| 42 |
| url |
VCID-p3ja-7zqb-mybj |
| vulnerability_id |
VCID-p3ja-7zqb-mybj |
| summary |
The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| purl |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 4 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 5 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 6 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 7 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 8 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 9 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 10 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 11 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 12 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 13 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 14 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 15 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 16 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 17 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 18 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 19 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 20 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 21 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 22 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 23 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 24 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 25 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 26 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 27 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 28 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 29 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 30 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 31 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 32 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 33 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 34 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 35 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 36 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 37 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 38 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 39 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.4-1~bpo70%252B1.1 |
|
|
| aliases |
CVE-2013-6457
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p3ja-7zqb-mybj |
|
| 43 |
| url |
VCID-pqyk-2c8e-5yh5 |
| vulnerability_id |
VCID-pqyk-2c8e-5yh5 |
| summary |
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u4 |
|
| 1 |
|
|
| aliases |
CVE-2019-10161
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pqyk-2c8e-5yh5 |
|
| 44 |
|
| 45 |
| url |
VCID-q2ng-jgm7-8uc9 |
| vulnerability_id |
VCID-q2ng-jgm7-8uc9 |
| summary |
A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd). |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-0897
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q2ng-jgm7-8uc9 |
|
| 46 |
| url |
VCID-q38b-cmvy-gybh |
| vulnerability_id |
VCID-q38b-cmvy-gybh |
| summary |
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2011-1146
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q38b-cmvy-gybh |
|
| 47 |
| url |
VCID-qpvd-b2ru-d7a3 |
| vulnerability_id |
VCID-qpvd-b2ru-d7a3 |
| summary |
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4291
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qpvd-b2ru-d7a3 |
|
| 48 |
| url |
VCID-qtct-kbdm-z7ed |
| vulnerability_id |
VCID-qtct-kbdm-z7ed |
| summary |
libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote/remote_driver.c. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4292
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qtct-kbdm-z7ed |
|
| 49 |
| url |
VCID-qw96-udhq-q7b6 |
| vulnerability_id |
VCID-qw96-udhq-q7b6 |
| summary |
Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qemu_agent.c in libvirt 1.0.6 through 1.1.0 allows remote attackers to cause a denial of service (daemon crash) via a cpu count request, as demonstrated by the "virsh vcpucount dom --guest" command. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4153
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qw96-udhq-q7b6 |
|
| 50 |
|
| 51 |
| url |
VCID-rrcc-k1cq-5ugw |
| vulnerability_id |
VCID-rrcc-k1cq-5ugw |
| summary |
virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4400
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rrcc-k1cq-5ugw |
|
| 52 |
| url |
VCID-swqk-4gu6-nkdq |
| vulnerability_id |
VCID-swqk-4gu6-nkdq |
| summary |
libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2013-1766
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-swqk-4gu6-nkdq |
|
| 53 |
| url |
VCID-t296-efx6-1yba |
| vulnerability_id |
VCID-t296-efx6-1yba |
| summary |
An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2019-3886
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t296-efx6-1yba |
|
| 54 |
| url |
VCID-t414-nm3b-cfev |
| vulnerability_id |
VCID-t414-nm3b-cfev |
| summary |
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2018-6764
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t414-nm3b-cfev |
|
| 55 |
| url |
VCID-tk2g-6m19-yqg3 |
| vulnerability_id |
VCID-tk2g-6m19-yqg3 |
| summary |
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1 |
|
|
| aliases |
CVE-2015-5160
|
| risk_score |
1.5 |
| exploitability |
0.5 |
| weighted_severity |
3.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tk2g-6m19-yqg3 |
|
| 56 |
| url |
VCID-trpf-3d81-r3g8 |
| vulnerability_id |
VCID-trpf-3d81-r3g8 |
| summary |
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2012-2693
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-trpf-3d81-r3g8 |
|
| 57 |
| url |
VCID-u1x7-9n1d-8qb3 |
| vulnerability_id |
VCID-u1x7-9n1d-8qb3 |
| summary |
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
| 1 |
| url |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| purl |
pkg:deb/debian/libvirt@1.2.4-1~bpo70%2B1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 4 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 5 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 6 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 7 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 8 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 9 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 10 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 11 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 12 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 13 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 14 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 15 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 16 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 17 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 18 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 19 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 20 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 21 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 22 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 23 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 24 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 25 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 26 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 27 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 28 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 29 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 30 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 31 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 32 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 33 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 34 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 35 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 36 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 37 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 38 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 39 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.4-1~bpo70%252B1.1 |
|
|
| aliases |
CVE-2013-6458
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u1x7-9n1d-8qb3 |
|
| 58 |
| url |
VCID-urzt-z32b-97dp |
| vulnerability_id |
VCID-urzt-z32b-97dp |
| summary |
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from third party information. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| purl |
pkg:deb/debian/libvirt@1.2.1-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 8 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 9 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 10 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 11 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 12 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 13 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 14 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 15 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 16 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 17 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 18 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 19 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 20 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 21 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 22 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 23 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 24 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 25 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 26 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 27 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 28 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 29 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 30 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 31 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 32 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 33 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 34 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 35 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 36 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 37 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 38 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 39 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 40 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 41 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 42 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 43 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 44 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.1-1~bpo70%252B1 |
|
|
| aliases |
CVE-2013-4401
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-urzt-z32b-97dp |
|
| 59 |
| url |
VCID-v25d-upc8-wfh4 |
| vulnerability_id |
VCID-v25d-upc8-wfh4 |
| summary |
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u4 |
|
| 1 |
|
|
| aliases |
CVE-2019-10167
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v25d-upc8-wfh4 |
|
| 60 |
| url |
VCID-vsx2-9wna-nuf2 |
| vulnerability_id |
VCID-vsx2-9wna-nuf2 |
| summary |
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@1.2.9-9 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9 |
|
|
| aliases |
CVE-2014-5177
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vsx2-9wna-nuf2 |
|
| 61 |
| url |
VCID-weet-hgv1-7bb9 |
| vulnerability_id |
VCID-weet-hgv1-7bb9 |
| summary |
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2011-2511
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-weet-hgv1-7bb9 |
|
| 62 |
| url |
VCID-wtyd-7ppt-23cj |
| vulnerability_id |
VCID-wtyd-7ppt-23cj |
| summary |
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-2496
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wtyd-7ppt-23cj |
|
| 63 |
| url |
VCID-x248-nq74-wbbs |
| vulnerability_id |
VCID-x248-nq74-wbbs |
| summary |
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1 |
|
|
| aliases |
CVE-2015-5247
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x248-nq74-wbbs |
|
| 64 |
| url |
VCID-xkb7-cjga-pybw |
| vulnerability_id |
VCID-xkb7-cjga-pybw |
| summary |
The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a "gap" in the RPC dispatch table. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2012-4423
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xkb7-cjga-pybw |
|
| 65 |
| url |
VCID-xxtc-8yjh-73h8 |
| vulnerability_id |
VCID-xxtc-8yjh-73h8 |
| summary |
The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2011-4600
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xxtc-8yjh-73h8 |
|
| 66 |
| url |
VCID-yb4y-39u3-eufg |
| vulnerability_id |
VCID-yb4y-39u3-eufg |
| summary |
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
| 1 |
| url |
pkg:deb/debian/libvirt@1.2.9-9 |
| purl |
pkg:deb/debian/libvirt@1.2.9-9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 4 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 5 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 6 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 7 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 8 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 9 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 10 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 11 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 12 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 13 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 14 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 15 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 16 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 17 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 18 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 19 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 20 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 21 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 22 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 23 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 24 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 25 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 26 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 27 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 28 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 29 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 30 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9 |
|
|
| aliases |
CVE-2014-0179
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yb4y-39u3-eufg |
|
| 67 |
| url |
VCID-yhk7-v8zt-hbev |
| vulnerability_id |
VCID-yhk7-v8zt-hbev |
| summary |
libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2011-1486
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yhk7-v8zt-hbev |
|
| 68 |
| url |
VCID-ys1x-s4vn-tffu |
| vulnerability_id |
VCID-ys1x-s4vn-tffu |
| summary |
The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2012-3445
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ys1x-s4vn-tffu |
|
| 69 |
| url |
VCID-yxud-sjwj-afh1 |
| vulnerability_id |
VCID-yxud-sjwj-afh1 |
| summary |
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| purl |
pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-522f-y6qx-nfhn |
|
| 2 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 3 |
| vulnerability |
VCID-5th2-yymu-x7hm |
|
| 4 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 5 |
| vulnerability |
VCID-75av-3nr7-bkh1 |
|
| 6 |
| vulnerability |
VCID-7ezn-r2xq-c7de |
|
| 7 |
| vulnerability |
VCID-7ks5-8e2n-tua4 |
|
| 8 |
| vulnerability |
VCID-8fmd-jdpb-v7eb |
|
| 9 |
| vulnerability |
VCID-8frc-fhvs-bucm |
|
| 10 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 11 |
| vulnerability |
VCID-8wxg-1wr8-rfca |
|
| 12 |
| vulnerability |
VCID-9cft-v9u9-fubh |
|
| 13 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 14 |
| vulnerability |
VCID-bes6-jjfw-tbdx |
|
| 15 |
| vulnerability |
VCID-bw47-fewt-2fax |
|
| 16 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 17 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 18 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 19 |
| vulnerability |
VCID-db3h-q8fp-b3ds |
|
| 20 |
| vulnerability |
VCID-dqys-qxtq-7yd9 |
|
| 21 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 22 |
| vulnerability |
VCID-g2pc-1es2-3qer |
|
| 23 |
| vulnerability |
VCID-g3k9-1rc3-xfhu |
|
| 24 |
| vulnerability |
VCID-g59s-kpjm-dbbg |
|
| 25 |
| vulnerability |
VCID-g94m-69qv-8kgk |
|
| 26 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 27 |
| vulnerability |
VCID-h8hd-mdcx-tben |
|
| 28 |
| vulnerability |
VCID-j5b5-zjxe-ffhu |
|
| 29 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 30 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 31 |
| vulnerability |
VCID-jzhx-dfgg-37ct |
|
| 32 |
| vulnerability |
VCID-k2ku-9mx2-b3a9 |
|
| 33 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 34 |
| vulnerability |
VCID-kn2h-kurp-pbcc |
|
| 35 |
| vulnerability |
VCID-kqsz-xg9j-ukeu |
|
| 36 |
| vulnerability |
VCID-kta6-5pt1-27at |
|
| 37 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 38 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 39 |
| vulnerability |
VCID-mzv1-uhwm-fqd2 |
|
| 40 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 41 |
| vulnerability |
VCID-p3ja-7zqb-mybj |
|
| 42 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 43 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 44 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 45 |
| vulnerability |
VCID-qpvd-b2ru-d7a3 |
|
| 46 |
| vulnerability |
VCID-qtct-kbdm-z7ed |
|
| 47 |
| vulnerability |
VCID-qw96-udhq-q7b6 |
|
| 48 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 49 |
| vulnerability |
VCID-rrcc-k1cq-5ugw |
|
| 50 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 51 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 52 |
| vulnerability |
VCID-tk2g-6m19-yqg3 |
|
| 53 |
| vulnerability |
VCID-u1x7-9n1d-8qb3 |
|
| 54 |
| vulnerability |
VCID-urzt-z32b-97dp |
|
| 55 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 56 |
| vulnerability |
VCID-vsx2-9wna-nuf2 |
|
| 57 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 58 |
| vulnerability |
VCID-x248-nq74-wbbs |
|
| 59 |
| vulnerability |
VCID-yb4y-39u3-eufg |
|
| 60 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1 |
|
|
| aliases |
CVE-2013-0170
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yxud-sjwj-afh1 |
|
| 70 |
| url |
VCID-ztu1-8yz5-tyc6 |
| vulnerability_id |
VCID-ztu1-8yz5-tyc6 |
| summary |
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| purl |
pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4sf9-8j9p-3fgz |
|
| 1 |
| vulnerability |
VCID-53fz-t4zs-7kbk |
|
| 2 |
| vulnerability |
VCID-6pj3-mq9g-yye9 |
|
| 3 |
| vulnerability |
VCID-8u2b-ad6e-ukaw |
|
| 4 |
| vulnerability |
VCID-abdh-e635-17cp |
|
| 5 |
| vulnerability |
VCID-bzyu-42js-e3e6 |
|
| 6 |
| vulnerability |
VCID-cf81-wpvh-kqa2 |
|
| 7 |
| vulnerability |
VCID-cjpk-feb2-zqds |
|
| 8 |
| vulnerability |
VCID-etr9-c84d-vuhr |
|
| 9 |
| vulnerability |
VCID-gneu-b3qk-q7e4 |
|
| 10 |
| vulnerability |
VCID-j71z-t8bh-wbb4 |
|
| 11 |
| vulnerability |
VCID-jtjs-y7k7-r7ae |
|
| 12 |
| vulnerability |
VCID-kjnb-e6nd-wudn |
|
| 13 |
| vulnerability |
VCID-mtgm-vqw9-1ubf |
|
| 14 |
| vulnerability |
VCID-myg3-46rj-3qax |
|
| 15 |
| vulnerability |
VCID-n2nm-knaw-gkgx |
|
| 16 |
| vulnerability |
VCID-pqyk-2c8e-5yh5 |
|
| 17 |
| vulnerability |
VCID-psr7-vapd-6udz |
|
| 18 |
| vulnerability |
VCID-q2ng-jgm7-8uc9 |
|
| 19 |
| vulnerability |
VCID-r61c-726k-bfh5 |
|
| 20 |
| vulnerability |
VCID-t296-efx6-1yba |
|
| 21 |
| vulnerability |
VCID-t414-nm3b-cfev |
|
| 22 |
| vulnerability |
VCID-v25d-upc8-wfh4 |
|
| 23 |
| vulnerability |
VCID-wtyd-7ppt-23cj |
|
| 24 |
| vulnerability |
VCID-ztu1-8yz5-tyc6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1 |
|
| 1 |
|
|
| aliases |
CVE-2017-1000256
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ztu1-8yz5-tyc6 |
|