Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libvirt@1.2.9-9
Typedeb
Namespacedebian
Namelibvirt
Version1.2.9-9
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version11.3.0-2~bpo12+1
Latest_non_vulnerable_version11.3.0-2~bpo12+1
Affected_by_vulnerabilities
0
url VCID-4sf9-8j9p-3fgz
vulnerability_id VCID-4sf9-8j9p-3fgz
summary An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1441.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1441.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-1441
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17875
published_at 2026-06-05T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17871
published_at 2026-06-06T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17837
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-1441
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1441
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1441
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066058
reference_id 1066058
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066058
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263841
reference_id 2263841
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T17:29:32Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2263841
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8
reference_id cpe:/a:redhat:advanced_virtualization:8::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
12
reference_url https://access.redhat.com/security/cve/CVE-2024-1441
reference_id CVE-2024-1441
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T17:29:32Z/
url https://access.redhat.com/security/cve/CVE-2024-1441
13
reference_url https://access.redhat.com/errata/RHSA-2024:2560
reference_id RHSA-2024:2560
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T17:29:32Z/
url https://access.redhat.com/errata/RHSA-2024:2560
14
reference_url https://usn.ubuntu.com/6734-1/
reference_id USN-6734-1
reference_type
scores
url https://usn.ubuntu.com/6734-1/
15
reference_url https://usn.ubuntu.com/6734-2/
reference_id USN-6734-2
reference_type
scores
url https://usn.ubuntu.com/6734-2/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2024-1441
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4sf9-8j9p-3fgz
1
url VCID-53fz-t4zs-7kbk
vulnerability_id VCID-53fz-t4zs-7kbk
summary A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3975.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3975.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3975
reference_id
reference_type
scores
0
value 0.00595
scoring_system epss
scoring_elements 0.69698
published_at 2026-06-04T12:55:00Z
1
value 0.00595
scoring_system epss
scoring_elements 0.69738
published_at 2026-06-05T12:55:00Z
2
value 0.00595
scoring_system epss
scoring_elements 0.69746
published_at 2026-06-06T12:55:00Z
3
value 0.00595
scoring_system epss
scoring_elements 0.69737
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3975
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3975
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2024326
reference_id 2024326
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2024326
5
reference_url https://access.redhat.com/errata/RHSA-2022:1759
reference_id RHSA-2022:1759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1759
6
reference_url https://usn.ubuntu.com/5399-1/
reference_id USN-5399-1
reference_type
scores
url https://usn.ubuntu.com/5399-1/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2021-3975
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53fz-t4zs-7kbk
2
url VCID-6pj3-mq9g-yye9
vulnerability_id VCID-6pj3-mq9g-yye9
summary An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unprivileged users with a read-only connection to cause a memory leak in the domstats command, resulting in a potential denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12430.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12430.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12430
reference_id
reference_type
scores
0
value 0.00717
scoring_system epss
scoring_elements 0.72759
published_at 2026-06-04T12:55:00Z
1
value 0.00717
scoring_system epss
scoring_elements 0.72797
published_at 2026-06-05T12:55:00Z
2
value 0.00717
scoring_system epss
scoring_elements 0.72805
published_at 2026-06-06T12:55:00Z
3
value 0.00717
scoring_system epss
scoring_elements 0.72787
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12430
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12430
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12430
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1828190
reference_id 1828190
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1828190
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959447
reference_id 959447
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959447
6
reference_url https://usn.ubuntu.com/4371-1/
reference_id USN-4371-1
reference_type
scores
url https://usn.ubuntu.com/4371-1/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2020-12430
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6pj3-mq9g-yye9
3
url VCID-75av-3nr7-bkh1
vulnerability_id VCID-75av-3nr7-bkh1
summary A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2635.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2635.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2635
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55535
published_at 2026-06-04T12:55:00Z
1
value 0.00322
scoring_system epss
scoring_elements 0.55592
published_at 2026-06-05T12:55:00Z
2
value 0.00322
scoring_system epss
scoring_elements 0.55597
published_at 2026-06-06T12:55:00Z
3
value 0.00322
scoring_system epss
scoring_elements 0.55584
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2635
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2635
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2635
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.9
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1427090
reference_id 1427090
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1427090
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856313
reference_id 856313
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856313
fixed_packages
0
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1
aliases CVE-2017-2635
risk_score 3.5
exploitability 0.5
weighted_severity 6.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-75av-3nr7-bkh1
4
url VCID-8u2b-ad6e-ukaw
vulnerability_id VCID-8u2b-ad6e-ukaw
summary A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3840.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3840.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3840
reference_id
reference_type
scores
0
value 0.00709
scoring_system epss
scoring_elements 0.72589
published_at 2026-06-04T12:55:00Z
1
value 0.00709
scoring_system epss
scoring_elements 0.72629
published_at 2026-06-05T12:55:00Z
2
value 0.00709
scoring_system epss
scoring_elements 0.72636
published_at 2026-06-06T12:55:00Z
3
value 0.00709
scoring_system epss
scoring_elements 0.72618
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3840
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3840
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1665228
reference_id 1665228
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1665228
5
reference_url https://access.redhat.com/errata/RHSA-2019:2294
reference_id RHSA-2019:2294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2294
6
reference_url https://usn.ubuntu.com/3909-1/
reference_id USN-3909-1
reference_type
scores
url https://usn.ubuntu.com/3909-1/
fixed_packages
0
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2019-3840
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8u2b-ad6e-ukaw
5
url VCID-abdh-e635-17cp
vulnerability_id VCID-abdh-e635-17cp
summary privilege escalation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14339.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14339.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14339
reference_id
reference_type
scores
0
value 0.00196
scoring_system epss
scoring_elements 0.41491
published_at 2026-06-06T12:55:00Z
1
value 0.00196
scoring_system epss
scoring_elements 0.4141
published_at 2026-06-04T12:55:00Z
2
value 0.00196
scoring_system epss
scoring_elements 0.41459
published_at 2026-06-07T12:55:00Z
3
value 0.00196
scoring_system epss
scoring_elements 0.41486
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14339
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14339
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14339
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860069
reference_id 1860069
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860069
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966563
reference_id 966563
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966563
6
reference_url https://security.archlinux.org/ASA-202009-8
reference_id ASA-202009-8
reference_type
scores
url https://security.archlinux.org/ASA-202009-8
7
reference_url https://security.archlinux.org/AVG-1232
reference_id AVG-1232
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1232
8
reference_url https://security.gentoo.org/glsa/202101-22
reference_id GLSA-202101-22
reference_type
scores
url https://security.gentoo.org/glsa/202101-22
9
reference_url https://security.gentoo.org/glsa/202210-06
reference_id GLSA-202210-06
reference_type
scores
url https://security.gentoo.org/glsa/202210-06
10
reference_url https://access.redhat.com/errata/RHSA-2020:3586
reference_id RHSA-2020:3586
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3586
11
reference_url https://access.redhat.com/errata/RHSA-2020:4676
reference_id RHSA-2020:4676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4676
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2020-14339
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-abdh-e635-17cp
6
url VCID-bes6-jjfw-tbdx
vulnerability_id VCID-bes6-jjfw-tbdx
summary libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10746.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10746.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10746
reference_id
reference_type
scores
0
value 0.00527
scoring_system epss
scoring_elements 0.67469
published_at 2026-06-04T12:55:00Z
1
value 0.00527
scoring_system epss
scoring_elements 0.6751
published_at 2026-06-05T12:55:00Z
2
value 0.00527
scoring_system epss
scoring_elements 0.67517
published_at 2026-06-06T12:55:00Z
3
value 0.00527
scoring_system epss
scoring_elements 0.67505
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10746
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10746
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1705507
reference_id 1705507
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1705507
fixed_packages
0
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1
aliases CVE-2016-10746
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bes6-jjfw-tbdx
7
url VCID-bzyu-42js-e3e6
vulnerability_id VCID-bzyu-42js-e3e6
summary A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10132.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10132.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10132
reference_id
reference_type
scores
0
value 0.01283
scoring_system epss
scoring_elements 0.79942
published_at 2026-06-04T12:55:00Z
1
value 0.01283
scoring_system epss
scoring_elements 0.79967
published_at 2026-06-05T12:55:00Z
2
value 0.01283
scoring_system epss
scoring_elements 0.79972
published_at 2026-06-06T12:55:00Z
3
value 0.01283
scoring_system epss
scoring_elements 0.79968
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10132
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10132
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10132
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1706067
reference_id 1706067
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1706067
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929334
reference_id 929334
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929334
6
reference_url https://access.redhat.com/errata/RHSA-2019:1264
reference_id RHSA-2019:1264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1264
7
reference_url https://access.redhat.com/errata/RHSA-2019:1268
reference_id RHSA-2019:1268
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1268
8
reference_url https://access.redhat.com/errata/RHSA-2019:1455
reference_id RHSA-2019:1455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1455
9
reference_url https://usn.ubuntu.com/4021-1/
reference_id USN-4021-1
reference_type
scores
url https://usn.ubuntu.com/4021-1/
fixed_packages
0
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2019-10132
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bzyu-42js-e3e6
8
url VCID-cf81-wpvh-kqa2
vulnerability_id VCID-cf81-wpvh-kqa2
summary qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5748.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5748.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5748
reference_id
reference_type
scores
0
value 0.01494
scoring_system epss
scoring_elements 0.81405
published_at 2026-06-04T12:55:00Z
1
value 0.01494
scoring_system epss
scoring_elements 0.81432
published_at 2026-06-05T12:55:00Z
2
value 0.01494
scoring_system epss
scoring_elements 0.81435
published_at 2026-06-06T12:55:00Z
3
value 0.01494
scoring_system epss
scoring_elements 0.81433
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5748
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5748
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1528396
reference_id 1528396
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1528396
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887700
reference_id 887700
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887700
6
reference_url https://security.gentoo.org/glsa/201804-07
reference_id GLSA-201804-07
reference_type
scores
url https://security.gentoo.org/glsa/201804-07
7
reference_url https://security.gentoo.org/glsa/201804-08
reference_id GLSA-201804-08
reference_type
scores
url https://security.gentoo.org/glsa/201804-08
8
reference_url https://access.redhat.com/errata/RHSA-2018:1396
reference_id RHSA-2018:1396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1396
9
reference_url https://access.redhat.com/errata/RHSA-2018:1929
reference_id RHSA-2018:1929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1929
10
reference_url https://usn.ubuntu.com/3576-1/
reference_id USN-3576-1
reference_type
scores
url https://usn.ubuntu.com/3576-1/
fixed_packages
0
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2018-5748
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cf81-wpvh-kqa2
9
url VCID-cjpk-feb2-zqds
vulnerability_id VCID-cjpk-feb2-zqds
summary A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4147.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4147.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4147
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23267
published_at 2026-06-04T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23351
published_at 2026-06-05T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23336
published_at 2026-06-06T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.23291
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4147
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4147
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4147
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002535
reference_id 1002535
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002535
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2034195
reference_id 2034195
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2034195
6
reference_url https://usn.ubuntu.com/5399-1/
reference_id USN-5399-1
reference_type
scores
url https://usn.ubuntu.com/5399-1/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2021-4147
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjpk-feb2-zqds
10
url VCID-etr9-c84d-vuhr
vulnerability_id VCID-etr9-c84d-vuhr
summary The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10168.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10168.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10168
reference_id
reference_type
scores
0
value 0.00225
scoring_system epss
scoring_elements 0.45272
published_at 2026-06-04T12:55:00Z
1
value 0.00225
scoring_system epss
scoring_elements 0.4534
published_at 2026-06-05T12:55:00Z
2
value 0.00225
scoring_system epss
scoring_elements 0.45345
published_at 2026-06-06T12:55:00Z
3
value 0.00225
scoring_system epss
scoring_elements 0.45325
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10168
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10168
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1720118
reference_id 1720118
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1720118
5
reference_url https://security.gentoo.org/glsa/202003-18
reference_id GLSA-202003-18
reference_type
scores
url https://security.gentoo.org/glsa/202003-18
6
reference_url https://access.redhat.com/errata/RHSA-2019:1579
reference_id RHSA-2019:1579
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1579
7
reference_url https://access.redhat.com/errata/RHSA-2019:1580
reference_id RHSA-2019:1580
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1580
8
reference_url https://access.redhat.com/errata/RHSA-2019:1699
reference_id RHSA-2019:1699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1699
9
reference_url https://access.redhat.com/errata/RHSA-2019:1762
reference_id RHSA-2019:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1762
10
reference_url https://usn.ubuntu.com/4047-1/
reference_id USN-4047-1
reference_type
scores
url https://usn.ubuntu.com/4047-1/
fixed_packages
0
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2019-10168
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-etr9-c84d-vuhr
11
url VCID-gneu-b3qk-q7e4
vulnerability_id VCID-gneu-b3qk-q7e4
summary A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2494.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2494.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2494
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07697
published_at 2026-06-05T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07684
published_at 2026-06-07T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07709
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2494
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2494
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2494
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067461
reference_id 1067461
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067461
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2270115
reference_id 2270115
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2270115
6
reference_url https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/
reference_id BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/
url https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8
reference_id cpe:/a:redhat:advanced_virtualization:8::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
14
reference_url https://access.redhat.com/security/cve/CVE-2024-2494
reference_id CVE-2024-2494
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/
url https://access.redhat.com/security/cve/CVE-2024-2494
15
reference_url https://security.gentoo.org/glsa/202412-16
reference_id GLSA-202412-16
reference_type
scores
url https://security.gentoo.org/glsa/202412-16
16
reference_url https://access.redhat.com/errata/RHSA-2024:2560
reference_id RHSA-2024:2560
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/
url https://access.redhat.com/errata/RHSA-2024:2560
17
reference_url https://access.redhat.com/errata/RHSA-2024:3253
reference_id RHSA-2024:3253
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/
url https://access.redhat.com/errata/RHSA-2024:3253
18
reference_url https://usn.ubuntu.com/6734-1/
reference_id USN-6734-1
reference_type
scores
url https://usn.ubuntu.com/6734-1/
19
reference_url https://usn.ubuntu.com/6734-2/
reference_id USN-6734-2
reference_type
scores
url https://usn.ubuntu.com/6734-2/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2024-2494
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gneu-b3qk-q7e4
12
url VCID-j5b5-zjxe-ffhu
vulnerability_id VCID-j5b5-zjxe-ffhu
summary libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5008.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5008.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5008
reference_id
reference_type
scores
0
value 0.02119
scoring_system epss
scoring_elements 0.84448
published_at 2026-06-04T12:55:00Z
1
value 0.02119
scoring_system epss
scoring_elements 0.84472
published_at 2026-06-05T12:55:00Z
2
value 0.02119
scoring_system epss
scoring_elements 0.84475
published_at 2026-06-06T12:55:00Z
3
value 0.02119
scoring_system epss
scoring_elements 0.84468
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5008
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5008
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1351514
reference_id 1351514
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1351514
5
reference_url https://access.redhat.com/errata/RHSA-2016:2577
reference_id RHSA-2016:2577
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2577
6
reference_url https://usn.ubuntu.com/3576-1/
reference_id USN-3576-1
reference_type
scores
url https://usn.ubuntu.com/3576-1/
fixed_packages
0
url pkg:deb/debian/libvirt@1.2.9-9%2Bdeb8u5
purl pkg:deb/debian/libvirt@1.2.9-9%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9%252Bdeb8u5
1
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1
aliases CVE-2016-5008
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j5b5-zjxe-ffhu
13
url VCID-j71z-t8bh-wbb4
vulnerability_id VCID-j71z-t8bh-wbb4
summary An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3667.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3667.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3667
reference_id
reference_type
scores
0
value 0.00435
scoring_system epss
scoring_elements 0.633
published_at 2026-06-06T12:55:00Z
1
value 0.00435
scoring_system epss
scoring_elements 0.63289
published_at 2026-06-07T12:55:00Z
2
value 0.00435
scoring_system epss
scoring_elements 0.63249
published_at 2026-06-04T12:55:00Z
3
value 0.00435
scoring_system epss
scoring_elements 0.63292
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3667
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3667
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3667
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1986094
reference_id 1986094
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1986094
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991594
reference_id 991594
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991594
6
reference_url https://security.archlinux.org/AVG-2230
reference_id AVG-2230
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2230
7
reference_url https://security.gentoo.org/glsa/202210-06
reference_id GLSA-202210-06
reference_type
scores
url https://security.gentoo.org/glsa/202210-06
8
reference_url https://access.redhat.com/errata/RHSA-2021:3703
reference_id RHSA-2021:3703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3703
9
reference_url https://access.redhat.com/errata/RHSA-2021:3704
reference_id RHSA-2021:3704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3704
10
reference_url https://access.redhat.com/errata/RHSA-2021:4191
reference_id RHSA-2021:4191
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4191
11
reference_url https://usn.ubuntu.com/5399-1/
reference_id USN-5399-1
reference_type
scores
url https://usn.ubuntu.com/5399-1/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2021-3667
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j71z-t8bh-wbb4
14
url VCID-jtjs-y7k7-r7ae
vulnerability_id VCID-jtjs-y7k7-r7ae
summary It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10166.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10166.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10166
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.33654
published_at 2026-06-04T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.33755
published_at 2026-06-05T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.33768
published_at 2026-06-06T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.33735
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10166
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10166
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10166
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1720114
reference_id 1720114
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1720114
5
reference_url https://security.gentoo.org/glsa/202003-18
reference_id GLSA-202003-18
reference_type
scores
url https://security.gentoo.org/glsa/202003-18
6
reference_url https://access.redhat.com/errata/RHSA-2019:1579
reference_id RHSA-2019:1579
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1579
7
reference_url https://access.redhat.com/errata/RHSA-2019:1580
reference_id RHSA-2019:1580
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1580
8
reference_url https://access.redhat.com/errata/RHSA-2019:1699
reference_id RHSA-2019:1699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1699
9
reference_url https://access.redhat.com/errata/RHSA-2019:1762
reference_id RHSA-2019:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1762
10
reference_url https://usn.ubuntu.com/4047-1/
reference_id USN-4047-1
reference_type
scores
url https://usn.ubuntu.com/4047-1/
fixed_packages
0
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2019-10166
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtjs-y7k7-r7ae
15
url VCID-k2ku-9mx2-b3a9
vulnerability_id VCID-k2ku-9mx2-b3a9
summary Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write to arbitrary files via a .. (dot dot) in a volume name.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5313.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5313.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5313
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.17967
published_at 2026-06-04T12:55:00Z
1
value 0.00057
scoring_system epss
scoring_elements 0.18046
published_at 2026-06-06T12:55:00Z
2
value 0.00057
scoring_system epss
scoring_elements 0.18009
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5313
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5313
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5313
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1277121
reference_id 1277121
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1277121
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808273
reference_id 808273
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808273
5
reference_url https://security.gentoo.org/glsa/201612-10
reference_id GLSA-201612-10
reference_type
scores
url https://security.gentoo.org/glsa/201612-10
6
reference_url https://access.redhat.com/errata/RHSA-2016:2577
reference_id RHSA-2016:2577
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2577
7
reference_url https://usn.ubuntu.com/2867-1/
reference_id USN-2867-1
reference_type
scores
url https://usn.ubuntu.com/2867-1/
fixed_packages
0
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1
aliases CVE-2015-5313
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k2ku-9mx2-b3a9
16
url VCID-kjnb-e6nd-wudn
vulnerability_id VCID-kjnb-e6nd-wudn
summary denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10703.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10703.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10703
reference_id
reference_type
scores
0
value 0.00689
scoring_system epss
scoring_elements 0.7221
published_at 2026-06-06T12:55:00Z
1
value 0.00689
scoring_system epss
scoring_elements 0.72162
published_at 2026-06-04T12:55:00Z
2
value 0.00689
scoring_system epss
scoring_elements 0.72189
published_at 2026-06-07T12:55:00Z
3
value 0.00689
scoring_system epss
scoring_elements 0.72203
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10703
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10703
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10703
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1816650
reference_id 1816650
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1816650
5
reference_url https://security.archlinux.org/AVG-1174
reference_id AVG-1174
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1174
6
reference_url https://access.redhat.com/errata/RHSA-2020:4000
reference_id RHSA-2020:4000
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4000
7
reference_url https://access.redhat.com/errata/RHSA-2020:4676
reference_id RHSA-2020:4676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4676
8
reference_url https://usn.ubuntu.com/4371-1/
reference_id USN-4371-1
reference_type
scores
url https://usn.ubuntu.com/4371-1/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2020-10703
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjnb-e6nd-wudn
17
url VCID-mtgm-vqw9-1ubf
vulnerability_id VCID-mtgm-vqw9-1ubf
summary qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20485.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20485.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20485
reference_id
reference_type
scores
0
value 0.00192
scoring_system epss
scoring_elements 0.40896
published_at 2026-06-04T12:55:00Z
1
value 0.00192
scoring_system epss
scoring_elements 0.40973
published_at 2026-06-05T12:55:00Z
2
value 0.00192
scoring_system epss
scoring_elements 0.40977
published_at 2026-06-06T12:55:00Z
3
value 0.00192
scoring_system epss
scoring_elements 0.40946
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20485
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20485
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20485
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1809740
reference_id 1809740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1809740
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953078
reference_id 953078
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953078
6
reference_url https://access.redhat.com/errata/RHSA-2020:4000
reference_id RHSA-2020:4000
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4000
7
reference_url https://access.redhat.com/errata/RHSA-2020:4676
reference_id RHSA-2020:4676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4676
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2019-20485
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mtgm-vqw9-1ubf
18
url VCID-myg3-46rj-3qax
vulnerability_id VCID-myg3-46rj-3qax
summary A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set, this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero, potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10701.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10701.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10701
reference_id
reference_type
scores
0
value 0.00242
scoring_system epss
scoring_elements 0.47648
published_at 2026-06-04T12:55:00Z
1
value 0.00242
scoring_system epss
scoring_elements 0.47712
published_at 2026-06-05T12:55:00Z
2
value 0.00242
scoring_system epss
scoring_elements 0.47713
published_at 2026-06-06T12:55:00Z
3
value 0.00242
scoring_system epss
scoring_elements 0.47694
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10701
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10701
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1819163
reference_id 1819163
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1819163
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955841
reference_id 955841
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955841
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2020-10701
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myg3-46rj-3qax
19
url VCID-n2nm-knaw-gkgx
vulnerability_id VCID-n2nm-knaw-gkgx
summary libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1064.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1064.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1064
reference_id
reference_type
scores
0
value 0.01419
scoring_system epss
scoring_elements 0.80923
published_at 2026-06-04T12:55:00Z
1
value 0.01419
scoring_system epss
scoring_elements 0.80952
published_at 2026-06-05T12:55:00Z
2
value 0.01419
scoring_system epss
scoring_elements 0.80954
published_at 2026-06-06T12:55:00Z
3
value 0.01419
scoring_system epss
scoring_elements 0.80951
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1064
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1064
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1550672
reference_id 1550672
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1550672
5
reference_url https://access.redhat.com/errata/RHSA-2018:1396
reference_id RHSA-2018:1396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1396
6
reference_url https://access.redhat.com/errata/RHSA-2018:1929
reference_id RHSA-2018:1929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1929
fixed_packages
0
url pkg:deb/debian/libvirt@1.2.9-9%2Bdeb8u5
purl pkg:deb/debian/libvirt@1.2.9-9%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9%252Bdeb8u5
1
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u4
2
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2018-1064
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n2nm-knaw-gkgx
20
url VCID-pqyk-2c8e-5yh5
vulnerability_id VCID-pqyk-2c8e-5yh5
summary It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10161.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10161.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10161
reference_id
reference_type
scores
0
value 0.0014
scoring_system epss
scoring_elements 0.33888
published_at 2026-06-07T12:55:00Z
1
value 0.00259
scoring_system epss
scoring_elements 0.49462
published_at 2026-06-04T12:55:00Z
2
value 0.00259
scoring_system epss
scoring_elements 0.49525
published_at 2026-06-05T12:55:00Z
3
value 0.00259
scoring_system epss
scoring_elements 0.49536
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10161
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10167
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1720115
reference_id 1720115
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1720115
6
reference_url https://security.gentoo.org/glsa/202003-18
reference_id GLSA-202003-18
reference_type
scores
url https://security.gentoo.org/glsa/202003-18
7
reference_url https://access.redhat.com/errata/RHSA-2019:1578
reference_id RHSA-2019:1578
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1578
8
reference_url https://access.redhat.com/errata/RHSA-2019:1579
reference_id RHSA-2019:1579
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1579
9
reference_url https://access.redhat.com/errata/RHSA-2019:1580
reference_id RHSA-2019:1580
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1580
10
reference_url https://access.redhat.com/errata/RHSA-2019:1699
reference_id RHSA-2019:1699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1699
11
reference_url https://access.redhat.com/errata/RHSA-2019:1762
reference_id RHSA-2019:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1762
12
reference_url https://usn.ubuntu.com/4047-1/
reference_id USN-4047-1
reference_type
scores
url https://usn.ubuntu.com/4047-1/
13
reference_url https://usn.ubuntu.com/4047-2/
reference_id USN-4047-2
reference_type
scores
url https://usn.ubuntu.com/4047-2/
fixed_packages
0
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u4
1
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2019-10161
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqyk-2c8e-5yh5
21
url VCID-psr7-vapd-6udz
vulnerability_id VCID-psr7-vapd-6udz
summary information disclosure
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3631.json
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3631.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3631
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.20859
published_at 2026-06-07T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.20842
published_at 2026-06-04T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.20917
published_at 2026-06-05T12:55:00Z
3
value 0.00067
scoring_system epss
scoring_elements 0.20903
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3631
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3631
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2
reference_id 15073504dbb624d3f6c911e85557019d3620fdb2
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/
url https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2
5
reference_url https://gitlab.com/libvirt/libvirt/-/issues/153
reference_id 153
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/
url https://gitlab.com/libvirt/libvirt/-/issues/153
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1977726
reference_id 1977726
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1977726
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990709
reference_id 990709
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990709
8
reference_url https://security.archlinux.org/AVG-2124
reference_id AVG-2124
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2124
9
reference_url https://security.gentoo.org/glsa/202210-06
reference_id GLSA-202210-06
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/
url https://security.gentoo.org/glsa/202210-06
10
reference_url https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
reference_id msg00000.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/
url https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
11
reference_url https://security.netapp.com/advisory/ntap-20220331-0010/
reference_id ntap-20220331-0010
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/
url https://security.netapp.com/advisory/ntap-20220331-0010/
12
reference_url https://access.redhat.com/errata/RHSA-2021:3631
reference_id RHSA-2021:3631
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/
url https://access.redhat.com/errata/RHSA-2021:3631
13
reference_url https://access.redhat.com/errata/RHSA-2021:3703
reference_id RHSA-2021:3703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3703
14
reference_url https://access.redhat.com/errata/RHSA-2021:3704
reference_id RHSA-2021:3704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3704
15
reference_url https://access.redhat.com/errata/RHSA-2021:4191
reference_id RHSA-2021:4191
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4191
16
reference_url https://usn.ubuntu.com/5399-1/
reference_id USN-5399-1
reference_type
scores
url https://usn.ubuntu.com/5399-1/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2021-3631
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-psr7-vapd-6udz
22
url VCID-q2ng-jgm7-8uc9
vulnerability_id VCID-q2ng-jgm7-8uc9
summary A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0897.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0897.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0897
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23204
published_at 2026-06-04T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23226
published_at 2026-06-07T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23286
published_at 2026-06-05T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.23271
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0897
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0897
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009075
reference_id 1009075
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009075
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2063883
reference_id 2063883
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-08T15:53:19Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2063883
6
reference_url https://security.gentoo.org/glsa/202210-06
reference_id GLSA-202210-06
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-08T15:53:19Z/
url https://security.gentoo.org/glsa/202210-06
7
reference_url https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
reference_id msg00000.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-08T15:53:19Z/
url https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
8
reference_url https://access.redhat.com/errata/RHSA-2022:7472
reference_id RHSA-2022:7472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7472
9
reference_url https://access.redhat.com/errata/RHSA-2022:8003
reference_id RHSA-2022:8003
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8003
10
reference_url https://usn.ubuntu.com/5399-1/
reference_id USN-5399-1
reference_type
scores
url https://usn.ubuntu.com/5399-1/
11
reference_url https://usn.ubuntu.com/6126-1/
reference_id USN-6126-1
reference_type
scores
url https://usn.ubuntu.com/6126-1/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2022-0897
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2ng-jgm7-8uc9
23
url VCID-r61c-726k-bfh5
vulnerability_id VCID-r61c-726k-bfh5
summary arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25637.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25637.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25637
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.30971
published_at 2026-06-06T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.30936
published_at 2026-06-04T12:55:00Z
2
value 0.00123
scoring_system epss
scoring_elements 0.30937
published_at 2026-06-07T12:55:00Z
3
value 0.00123
scoring_system epss
scoring_elements 0.31003
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25637
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25637
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25637
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1881037
reference_id 1881037
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1881037
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971555
reference_id 971555
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971555
6
reference_url https://security.archlinux.org/ASA-202101-42
reference_id ASA-202101-42
reference_type
scores
url https://security.archlinux.org/ASA-202101-42
7
reference_url https://security.archlinux.org/AVG-1240
reference_id AVG-1240
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1240
8
reference_url https://security.gentoo.org/glsa/202210-06
reference_id GLSA-202210-06
reference_type
scores
url https://security.gentoo.org/glsa/202210-06
9
reference_url https://access.redhat.com/errata/RHSA-2020:5040
reference_id RHSA-2020:5040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5040
10
reference_url https://access.redhat.com/errata/RHSA-2020:5111
reference_id RHSA-2020:5111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5111
11
reference_url https://access.redhat.com/errata/RHSA-2021:1762
reference_id RHSA-2021:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1762
12
reference_url https://usn.ubuntu.com/5399-1/
reference_id USN-5399-1
reference_type
scores
url https://usn.ubuntu.com/5399-1/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2020-25637
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r61c-726k-bfh5
24
url VCID-t296-efx6-1yba
vulnerability_id VCID-t296-efx6-1yba
summary An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3886.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3886.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3886
reference_id
reference_type
scores
0
value 0.00463
scoring_system epss
scoring_elements 0.64617
published_at 2026-06-04T12:55:00Z
1
value 0.00463
scoring_system epss
scoring_elements 0.64658
published_at 2026-06-05T12:55:00Z
2
value 0.00463
scoring_system epss
scoring_elements 0.64668
published_at 2026-06-06T12:55:00Z
3
value 0.00463
scoring_system epss
scoring_elements 0.64656
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3886
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3886
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3886
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1694880
reference_id 1694880
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1694880
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926418
reference_id 926418
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926418
6
reference_url https://usn.ubuntu.com/4021-1/
reference_id USN-4021-1
reference_type
scores
url https://usn.ubuntu.com/4021-1/
fixed_packages
0
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2019-3886
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t296-efx6-1yba
25
url VCID-t414-nm3b-cfev
vulnerability_id VCID-t414-nm3b-cfev
summary util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6764.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6764.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-6764
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.11115
published_at 2026-06-04T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.11203
published_at 2026-06-05T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.11198
published_at 2026-06-06T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.11163
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-6764
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6764
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1541444
reference_id 1541444
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1541444
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889839
reference_id 889839
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889839
6
reference_url https://security.gentoo.org/glsa/201804-07
reference_id GLSA-201804-07
reference_type
scores
url https://security.gentoo.org/glsa/201804-07
7
reference_url https://access.redhat.com/errata/RHSA-2018:3113
reference_id RHSA-2018:3113
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3113
8
reference_url https://usn.ubuntu.com/3576-1/
reference_id USN-3576-1
reference_type
scores
url https://usn.ubuntu.com/3576-1/
fixed_packages
0
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2018-6764
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t414-nm3b-cfev
26
url VCID-tk2g-6m19-yqg3
vulnerability_id VCID-tk2g-6m19-yqg3
summary libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5160.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5160.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5160
reference_id
reference_type
scores
0
value 0.00145
scoring_system epss
scoring_elements 0.34534
published_at 2026-06-04T12:55:00Z
1
value 0.00145
scoring_system epss
scoring_elements 0.34632
published_at 2026-06-05T12:55:00Z
2
value 0.00145
scoring_system epss
scoring_elements 0.34648
published_at 2026-06-06T12:55:00Z
3
value 0.00145
scoring_system epss
scoring_elements 0.34612
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5160
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5160
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5160
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1245647
reference_id 1245647
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1245647
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796111
reference_id 796111
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796111
5
reference_url https://access.redhat.com/errata/RHSA-2016:2577
reference_id RHSA-2016:2577
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2577
fixed_packages
0
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1
aliases CVE-2015-5160
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tk2g-6m19-yqg3
27
url VCID-v25d-upc8-wfh4
vulnerability_id VCID-v25d-upc8-wfh4
summary The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10167.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10167
reference_id
reference_type
scores
0
value 0.00166
scoring_system epss
scoring_elements 0.37323
published_at 2026-06-04T12:55:00Z
1
value 0.00166
scoring_system epss
scoring_elements 0.37414
published_at 2026-06-05T12:55:00Z
2
value 0.00166
scoring_system epss
scoring_elements 0.3742
published_at 2026-06-06T12:55:00Z
3
value 0.00166
scoring_system epss
scoring_elements 0.37387
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10167
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10167
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1720117
reference_id 1720117
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1720117
6
reference_url https://security.gentoo.org/glsa/202003-18
reference_id GLSA-202003-18
reference_type
scores
url https://security.gentoo.org/glsa/202003-18
7
reference_url https://access.redhat.com/errata/RHSA-2019:1579
reference_id RHSA-2019:1579
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1579
8
reference_url https://access.redhat.com/errata/RHSA-2019:1580
reference_id RHSA-2019:1580
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1580
9
reference_url https://access.redhat.com/errata/RHSA-2019:1699
reference_id RHSA-2019:1699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1699
10
reference_url https://access.redhat.com/errata/RHSA-2019:1762
reference_id RHSA-2019:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1762
11
reference_url https://usn.ubuntu.com/4047-1/
reference_id USN-4047-1
reference_type
scores
url https://usn.ubuntu.com/4047-1/
fixed_packages
0
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u4
1
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2019-10167
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v25d-upc8-wfh4
28
url VCID-wtyd-7ppt-23cj
vulnerability_id VCID-wtyd-7ppt-23cj
summary A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2496.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2496.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2496
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18729
published_at 2026-06-05T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18731
published_at 2026-06-06T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18691
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2496
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2496
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2496
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2269672
reference_id 2269672
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T19:25:01Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2269672
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8
reference_id cpe:/a:redhat:advanced_virtualization:8::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
11
reference_url https://access.redhat.com/security/cve/CVE-2024-2496
reference_id CVE-2024-2496
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T19:25:01Z/
url https://access.redhat.com/security/cve/CVE-2024-2496
12
reference_url https://access.redhat.com/errata/RHSA-2024:2236
reference_id RHSA-2024:2236
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T19:25:01Z/
url https://access.redhat.com/errata/RHSA-2024:2236
13
reference_url https://usn.ubuntu.com/6734-1/
reference_id USN-6734-1
reference_type
scores
url https://usn.ubuntu.com/6734-1/
fixed_packages
0
url pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
purl pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gt15-erjf-tucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3
aliases CVE-2024-2496
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wtyd-7ppt-23cj
29
url VCID-x248-nq74-wbbs
vulnerability_id VCID-x248-nq74-wbbs
summary The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5247.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5247.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5247
reference_id
reference_type
scores
0
value 0.0039
scoring_system epss
scoring_elements 0.60351
published_at 2026-06-04T12:55:00Z
1
value 0.0039
scoring_system epss
scoring_elements 0.60398
published_at 2026-06-05T12:55:00Z
2
value 0.0039
scoring_system epss
scoring_elements 0.60401
published_at 2026-06-06T12:55:00Z
3
value 0.0039
scoring_system epss
scoring_elements 0.6039
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5247
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5247
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5247
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1259350
reference_id 1259350
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1259350
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799132
reference_id 799132
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799132
5
reference_url https://usn.ubuntu.com/2867-1/
reference_id USN-2867-1
reference_type
scores
url https://usn.ubuntu.com/2867-1/
fixed_packages
0
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1
aliases CVE-2015-5247
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x248-nq74-wbbs
30
url VCID-ztu1-8yz5-tyc6
vulnerability_id VCID-ztu1-8yz5-tyc6
summary libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000256.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000256.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000256
reference_id
reference_type
scores
0
value 0.00772
scoring_system epss
scoring_elements 0.73915
published_at 2026-06-04T12:55:00Z
1
value 0.00772
scoring_system epss
scoring_elements 0.73951
published_at 2026-06-05T12:55:00Z
2
value 0.00772
scoring_system epss
scoring_elements 0.73955
published_at 2026-06-06T12:55:00Z
3
value 0.00772
scoring_system epss
scoring_elements 0.73941
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000256
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000256
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1503658
reference_id 1503658
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1503658
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878799
reference_id 878799
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878799
5
reference_url https://usn.ubuntu.com/3576-1/
reference_id USN-3576-1
reference_type
scores
url https://usn.ubuntu.com/3576-1/
fixed_packages
0
url pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
purl pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-8u2b-ad6e-ukaw
4
vulnerability VCID-abdh-e635-17cp
5
vulnerability VCID-bzyu-42js-e3e6
6
vulnerability VCID-cf81-wpvh-kqa2
7
vulnerability VCID-cjpk-feb2-zqds
8
vulnerability VCID-etr9-c84d-vuhr
9
vulnerability VCID-gneu-b3qk-q7e4
10
vulnerability VCID-j71z-t8bh-wbb4
11
vulnerability VCID-jtjs-y7k7-r7ae
12
vulnerability VCID-kjnb-e6nd-wudn
13
vulnerability VCID-mtgm-vqw9-1ubf
14
vulnerability VCID-myg3-46rj-3qax
15
vulnerability VCID-n2nm-knaw-gkgx
16
vulnerability VCID-pqyk-2c8e-5yh5
17
vulnerability VCID-psr7-vapd-6udz
18
vulnerability VCID-q2ng-jgm7-8uc9
19
vulnerability VCID-r61c-726k-bfh5
20
vulnerability VCID-t296-efx6-1yba
21
vulnerability VCID-t414-nm3b-cfev
22
vulnerability VCID-v25d-upc8-wfh4
23
vulnerability VCID-wtyd-7ppt-23cj
24
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1
1
url pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
purl pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-abdh-e635-17cp
4
vulnerability VCID-cjpk-feb2-zqds
5
vulnerability VCID-gneu-b3qk-q7e4
6
vulnerability VCID-j71z-t8bh-wbb4
7
vulnerability VCID-kjnb-e6nd-wudn
8
vulnerability VCID-mtgm-vqw9-1ubf
9
vulnerability VCID-myg3-46rj-3qax
10
vulnerability VCID-psr7-vapd-6udz
11
vulnerability VCID-q2ng-jgm7-8uc9
12
vulnerability VCID-r61c-726k-bfh5
13
vulnerability VCID-wtyd-7ppt-23cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1
aliases CVE-2017-1000256
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ztu1-8yz5-tyc6
Fixing_vulnerabilities
0
url VCID-522f-y6qx-nfhn
vulnerability_id VCID-522f-y6qx-nfhn
summary The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7823.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7823.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7823
reference_id
reference_type
scores
0
value 0.00531
scoring_system epss
scoring_elements 0.67592
published_at 2026-06-04T12:55:00Z
1
value 0.00531
scoring_system epss
scoring_elements 0.67633
published_at 2026-06-05T12:55:00Z
2
value 0.00531
scoring_system epss
scoring_elements 0.6764
published_at 2026-06-06T12:55:00Z
3
value 0.00531
scoring_system epss
scoring_elements 0.6763
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7823
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1160817
reference_id 1160817
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1160817
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769149
reference_id 769149
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769149
5
reference_url https://security.gentoo.org/glsa/201412-04
reference_id GLSA-201412-04
reference_type
scores
url https://security.gentoo.org/glsa/201412-04
6
reference_url https://access.redhat.com/errata/RHSA-2014:1873
reference_id RHSA-2014:1873
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1873
7
reference_url https://access.redhat.com/errata/RHSA-2015:0008
reference_id RHSA-2015:0008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0008
8
reference_url https://usn.ubuntu.com/2404-1/
reference_id USN-2404-1
reference_type
scores
url https://usn.ubuntu.com/2404-1/
fixed_packages
0
url pkg:deb/debian/libvirt@1.2.9-9
purl pkg:deb/debian/libvirt@1.2.9-9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9
aliases CVE-2014-7823
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-522f-y6qx-nfhn
1
url VCID-7ezn-r2xq-c7de
vulnerability_id VCID-7ezn-r2xq-c7de
summary The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3633.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3633.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3633
reference_id
reference_type
scores
0
value 0.02862
scoring_system epss
scoring_elements 0.86522
published_at 2026-06-04T12:55:00Z
1
value 0.02862
scoring_system epss
scoring_elements 0.86545
published_at 2026-06-06T12:55:00Z
2
value 0.02862
scoring_system epss
scoring_elements 0.8654
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3633
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1141131
reference_id 1141131
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1141131
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762203
reference_id 762203
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762203
6
reference_url https://security.gentoo.org/glsa/201412-04
reference_id GLSA-201412-04
reference_type
scores
url https://security.gentoo.org/glsa/201412-04
7
reference_url https://access.redhat.com/errata/RHSA-2014:1352
reference_id RHSA-2014:1352
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1352
8
reference_url https://access.redhat.com/errata/RHSA-2014:1873
reference_id RHSA-2014:1873
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1873
9
reference_url https://usn.ubuntu.com/2366-1/
reference_id USN-2366-1
reference_type
scores
url https://usn.ubuntu.com/2366-1/
fixed_packages
0
url pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1
purl pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-522f-y6qx-nfhn
2
vulnerability VCID-53fz-t4zs-7kbk
3
vulnerability VCID-5th2-yymu-x7hm
4
vulnerability VCID-6pj3-mq9g-yye9
5
vulnerability VCID-75av-3nr7-bkh1
6
vulnerability VCID-7ezn-r2xq-c7de
7
vulnerability VCID-7ks5-8e2n-tua4
8
vulnerability VCID-8fmd-jdpb-v7eb
9
vulnerability VCID-8frc-fhvs-bucm
10
vulnerability VCID-8u2b-ad6e-ukaw
11
vulnerability VCID-8wxg-1wr8-rfca
12
vulnerability VCID-9cft-v9u9-fubh
13
vulnerability VCID-abdh-e635-17cp
14
vulnerability VCID-bes6-jjfw-tbdx
15
vulnerability VCID-bw47-fewt-2fax
16
vulnerability VCID-bzyu-42js-e3e6
17
vulnerability VCID-cf81-wpvh-kqa2
18
vulnerability VCID-cjpk-feb2-zqds
19
vulnerability VCID-db3h-q8fp-b3ds
20
vulnerability VCID-dqys-qxtq-7yd9
21
vulnerability VCID-etr9-c84d-vuhr
22
vulnerability VCID-g2pc-1es2-3qer
23
vulnerability VCID-g3k9-1rc3-xfhu
24
vulnerability VCID-g59s-kpjm-dbbg
25
vulnerability VCID-g94m-69qv-8kgk
26
vulnerability VCID-gneu-b3qk-q7e4
27
vulnerability VCID-h8hd-mdcx-tben
28
vulnerability VCID-j5b5-zjxe-ffhu
29
vulnerability VCID-j71z-t8bh-wbb4
30
vulnerability VCID-jtjs-y7k7-r7ae
31
vulnerability VCID-jzhx-dfgg-37ct
32
vulnerability VCID-k2ku-9mx2-b3a9
33
vulnerability VCID-kjnb-e6nd-wudn
34
vulnerability VCID-kn2h-kurp-pbcc
35
vulnerability VCID-kqsz-xg9j-ukeu
36
vulnerability VCID-kta6-5pt1-27at
37
vulnerability VCID-mtgm-vqw9-1ubf
38
vulnerability VCID-myg3-46rj-3qax
39
vulnerability VCID-mzv1-uhwm-fqd2
40
vulnerability VCID-n2nm-knaw-gkgx
41
vulnerability VCID-p3ja-7zqb-mybj
42
vulnerability VCID-pqyk-2c8e-5yh5
43
vulnerability VCID-psr7-vapd-6udz
44
vulnerability VCID-q2ng-jgm7-8uc9
45
vulnerability VCID-qpvd-b2ru-d7a3
46
vulnerability VCID-qtct-kbdm-z7ed
47
vulnerability VCID-qw96-udhq-q7b6
48
vulnerability VCID-r61c-726k-bfh5
49
vulnerability VCID-rrcc-k1cq-5ugw
50
vulnerability VCID-t296-efx6-1yba
51
vulnerability VCID-t414-nm3b-cfev
52
vulnerability VCID-tk2g-6m19-yqg3
53
vulnerability VCID-u1x7-9n1d-8qb3
54
vulnerability VCID-urzt-z32b-97dp
55
vulnerability VCID-v25d-upc8-wfh4
56
vulnerability VCID-vsx2-9wna-nuf2
57
vulnerability VCID-wtyd-7ppt-23cj
58
vulnerability VCID-x248-nq74-wbbs
59
vulnerability VCID-yb4y-39u3-eufg
60
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1
1
url pkg:deb/debian/libvirt@1.2.9-9
purl pkg:deb/debian/libvirt@1.2.9-9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9
aliases CVE-2014-3633
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ezn-r2xq-c7de
2
url VCID-8wxg-1wr8-rfca
vulnerability_id VCID-8wxg-1wr8-rfca
summary libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0236.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0236.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0236
reference_id
reference_type
scores
0
value 0.00492
scoring_system epss
scoring_elements 0.66007
published_at 2026-06-04T12:55:00Z
1
value 0.00492
scoring_system epss
scoring_elements 0.66059
published_at 2026-06-05T12:55:00Z
2
value 0.00492
scoring_system epss
scoring_elements 0.66071
published_at 2026-06-06T12:55:00Z
3
value 0.00492
scoring_system epss
scoring_elements 0.66056
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0236
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0236
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:M/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1184431
reference_id 1184431
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1184431
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776065
reference_id 776065
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776065
6
reference_url https://access.redhat.com/errata/RHSA-2015:0323
reference_id RHSA-2015:0323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0323
7
reference_url https://usn.ubuntu.com/2867-1/
reference_id USN-2867-1
reference_type
scores
url https://usn.ubuntu.com/2867-1/
fixed_packages
0
url pkg:deb/debian/libvirt@1.2.9-9
purl pkg:deb/debian/libvirt@1.2.9-9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9
aliases CVE-2015-0236
risk_score 1.0
exploitability 0.5
weighted_severity 2.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8wxg-1wr8-rfca
3
url VCID-9cft-v9u9-fubh
vulnerability_id VCID-9cft-v9u9-fubh
summary The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8136.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8136.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8136
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25071
published_at 2026-06-04T12:55:00Z
1
value 0.00088
scoring_system epss
scoring_elements 0.25167
published_at 2026-06-05T12:55:00Z
2
value 0.00088
scoring_system epss
scoring_elements 0.25154
published_at 2026-06-06T12:55:00Z
3
value 0.00088
scoring_system epss
scoring_elements 0.25101
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8136
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8136
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8136
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1176176
reference_id 1176176
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1176176
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773856
reference_id 773856
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773856
5
reference_url https://security.gentoo.org/glsa/201412-36
reference_id GLSA-201412-36
reference_type
scores
url https://security.gentoo.org/glsa/201412-36
6
reference_url https://access.redhat.com/errata/RHSA-2015:0323
reference_id RHSA-2015:0323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0323
7
reference_url https://usn.ubuntu.com/2867-1/
reference_id USN-2867-1
reference_type
scores
url https://usn.ubuntu.com/2867-1/
fixed_packages
0
url pkg:deb/debian/libvirt@1.2.9-9
purl pkg:deb/debian/libvirt@1.2.9-9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9
aliases CVE-2014-8136
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9cft-v9u9-fubh
4
url VCID-g59s-kpjm-dbbg
vulnerability_id VCID-g59s-kpjm-dbbg
summary The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3657.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3657.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3657
reference_id
reference_type
scores
0
value 0.01284
scoring_system epss
scoring_elements 0.79947
published_at 2026-06-04T12:55:00Z
1
value 0.01284
scoring_system epss
scoring_elements 0.79973
published_at 2026-06-05T12:55:00Z
2
value 0.01284
scoring_system epss
scoring_elements 0.79978
published_at 2026-06-06T12:55:00Z
3
value 0.01284
scoring_system epss
scoring_elements 0.79974
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3657
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1145667
reference_id 1145667
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1145667
4
reference_url https://access.redhat.com/errata/RHSA-2014:1352
reference_id RHSA-2014:1352
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1352
5
reference_url https://access.redhat.com/errata/RHSA-2014:1873
reference_id RHSA-2014:1873
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1873
6
reference_url https://usn.ubuntu.com/2404-1/
reference_id USN-2404-1
reference_type
scores
url https://usn.ubuntu.com/2404-1/
fixed_packages
0
url pkg:deb/debian/libvirt@1.2.9-9
purl pkg:deb/debian/libvirt@1.2.9-9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9
aliases CVE-2014-3657
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g59s-kpjm-dbbg
5
url VCID-g94m-69qv-8kgk
vulnerability_id VCID-g94m-69qv-8kgk
summary The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8135.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8135.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8135
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.20935
published_at 2026-06-04T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.2101
published_at 2026-06-05T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.20996
published_at 2026-06-06T12:55:00Z
3
value 0.00067
scoring_system epss
scoring_elements 0.20951
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8135
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8135
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8135
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1176182
reference_id 1176182
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1176182
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773855
reference_id 773855
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773855
5
reference_url https://security.gentoo.org/glsa/201412-36
reference_id GLSA-201412-36
reference_type
scores
url https://security.gentoo.org/glsa/201412-36
fixed_packages
0
url pkg:deb/debian/libvirt@1.2.9-9
purl pkg:deb/debian/libvirt@1.2.9-9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9
aliases CVE-2014-8135
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g94m-69qv-8kgk
6
url VCID-kta6-5pt1-27at
vulnerability_id VCID-kta6-5pt1-27at
summary The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8131.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8131.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8131
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59385
published_at 2026-06-04T12:55:00Z
1
value 0.00374
scoring_system epss
scoring_elements 0.59436
published_at 2026-06-05T12:55:00Z
2
value 0.00374
scoring_system epss
scoring_elements 0.59439
published_at 2026-06-06T12:55:00Z
3
value 0.00374
scoring_system epss
scoring_elements 0.59431
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8131
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8131
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8131
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1172569
reference_id 1172569
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1172569
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773858
reference_id 773858
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773858
5
reference_url https://security.gentoo.org/glsa/201412-36
reference_id GLSA-201412-36
reference_type
scores
url https://security.gentoo.org/glsa/201412-36
fixed_packages
0
url pkg:deb/debian/libvirt@1.2.9-9
purl pkg:deb/debian/libvirt@1.2.9-9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9
aliases CVE-2014-8131
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kta6-5pt1-27at
7
url VCID-vsx2-9wna-nuf2
vulnerability_id VCID-vsx2-9wna-nuf2
summary libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5177.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5177.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-5177
reference_id
reference_type
scores
0
value 0.00114
scoring_system epss
scoring_elements 0.29631
published_at 2026-06-07T12:55:00Z
1
value 0.00114
scoring_system epss
scoring_elements 0.297
published_at 2026-06-05T12:55:00Z
2
value 0.00114
scoring_system epss
scoring_elements 0.29664
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-5177
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5177
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5177
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1088290
reference_id 1088290
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1088290
4
reference_url https://security.gentoo.org/glsa/201412-04
reference_id GLSA-201412-04
reference_type
scores
url https://security.gentoo.org/glsa/201412-04
5
reference_url https://access.redhat.com/errata/RHSA-2014:0914
reference_id RHSA-2014:0914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0914
6
reference_url https://usn.ubuntu.com/2366-1/
reference_id USN-2366-1
reference_type
scores
url https://usn.ubuntu.com/2366-1/
fixed_packages
0
url pkg:deb/debian/libvirt@1.2.9-9
purl pkg:deb/debian/libvirt@1.2.9-9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9
aliases CVE-2014-5177
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vsx2-9wna-nuf2
8
url VCID-yb4y-39u3-eufg
vulnerability_id VCID-yb4y-39u3-eufg
summary libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0179.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0179.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0179
reference_id
reference_type
scores
0
value 0.00106
scoring_system epss
scoring_elements 0.28286
published_at 2026-06-04T12:55:00Z
1
value 0.00106
scoring_system epss
scoring_elements 0.28358
published_at 2026-06-05T12:55:00Z
2
value 0.00106
scoring_system epss
scoring_elements 0.28309
published_at 2026-06-06T12:55:00Z
3
value 0.00106
scoring_system epss
scoring_elements 0.28268
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0179
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1088290
reference_id 1088290
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1088290
5
reference_url https://security.gentoo.org/glsa/201412-04
reference_id GLSA-201412-04
reference_type
scores
url https://security.gentoo.org/glsa/201412-04
6
reference_url https://access.redhat.com/errata/RHSA-2014:0560
reference_id RHSA-2014:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0560
7
reference_url https://access.redhat.com/errata/RHSA-2014:0914
reference_id RHSA-2014:0914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0914
8
reference_url https://usn.ubuntu.com/2366-1/
reference_id USN-2366-1
reference_type
scores
url https://usn.ubuntu.com/2366-1/
fixed_packages
0
url pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1
purl pkg:deb/debian/libvirt@0.9.12.3-1%2Bdeb7u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-522f-y6qx-nfhn
2
vulnerability VCID-53fz-t4zs-7kbk
3
vulnerability VCID-5th2-yymu-x7hm
4
vulnerability VCID-6pj3-mq9g-yye9
5
vulnerability VCID-75av-3nr7-bkh1
6
vulnerability VCID-7ezn-r2xq-c7de
7
vulnerability VCID-7ks5-8e2n-tua4
8
vulnerability VCID-8fmd-jdpb-v7eb
9
vulnerability VCID-8frc-fhvs-bucm
10
vulnerability VCID-8u2b-ad6e-ukaw
11
vulnerability VCID-8wxg-1wr8-rfca
12
vulnerability VCID-9cft-v9u9-fubh
13
vulnerability VCID-abdh-e635-17cp
14
vulnerability VCID-bes6-jjfw-tbdx
15
vulnerability VCID-bw47-fewt-2fax
16
vulnerability VCID-bzyu-42js-e3e6
17
vulnerability VCID-cf81-wpvh-kqa2
18
vulnerability VCID-cjpk-feb2-zqds
19
vulnerability VCID-db3h-q8fp-b3ds
20
vulnerability VCID-dqys-qxtq-7yd9
21
vulnerability VCID-etr9-c84d-vuhr
22
vulnerability VCID-g2pc-1es2-3qer
23
vulnerability VCID-g3k9-1rc3-xfhu
24
vulnerability VCID-g59s-kpjm-dbbg
25
vulnerability VCID-g94m-69qv-8kgk
26
vulnerability VCID-gneu-b3qk-q7e4
27
vulnerability VCID-h8hd-mdcx-tben
28
vulnerability VCID-j5b5-zjxe-ffhu
29
vulnerability VCID-j71z-t8bh-wbb4
30
vulnerability VCID-jtjs-y7k7-r7ae
31
vulnerability VCID-jzhx-dfgg-37ct
32
vulnerability VCID-k2ku-9mx2-b3a9
33
vulnerability VCID-kjnb-e6nd-wudn
34
vulnerability VCID-kn2h-kurp-pbcc
35
vulnerability VCID-kqsz-xg9j-ukeu
36
vulnerability VCID-kta6-5pt1-27at
37
vulnerability VCID-mtgm-vqw9-1ubf
38
vulnerability VCID-myg3-46rj-3qax
39
vulnerability VCID-mzv1-uhwm-fqd2
40
vulnerability VCID-n2nm-knaw-gkgx
41
vulnerability VCID-p3ja-7zqb-mybj
42
vulnerability VCID-pqyk-2c8e-5yh5
43
vulnerability VCID-psr7-vapd-6udz
44
vulnerability VCID-q2ng-jgm7-8uc9
45
vulnerability VCID-qpvd-b2ru-d7a3
46
vulnerability VCID-qtct-kbdm-z7ed
47
vulnerability VCID-qw96-udhq-q7b6
48
vulnerability VCID-r61c-726k-bfh5
49
vulnerability VCID-rrcc-k1cq-5ugw
50
vulnerability VCID-t296-efx6-1yba
51
vulnerability VCID-t414-nm3b-cfev
52
vulnerability VCID-tk2g-6m19-yqg3
53
vulnerability VCID-u1x7-9n1d-8qb3
54
vulnerability VCID-urzt-z32b-97dp
55
vulnerability VCID-v25d-upc8-wfh4
56
vulnerability VCID-vsx2-9wna-nuf2
57
vulnerability VCID-wtyd-7ppt-23cj
58
vulnerability VCID-x248-nq74-wbbs
59
vulnerability VCID-yb4y-39u3-eufg
60
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@0.9.12.3-1%252Bdeb7u1
1
url pkg:deb/debian/libvirt@1.2.9-9
purl pkg:deb/debian/libvirt@1.2.9-9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4sf9-8j9p-3fgz
1
vulnerability VCID-53fz-t4zs-7kbk
2
vulnerability VCID-6pj3-mq9g-yye9
3
vulnerability VCID-75av-3nr7-bkh1
4
vulnerability VCID-8u2b-ad6e-ukaw
5
vulnerability VCID-abdh-e635-17cp
6
vulnerability VCID-bes6-jjfw-tbdx
7
vulnerability VCID-bzyu-42js-e3e6
8
vulnerability VCID-cf81-wpvh-kqa2
9
vulnerability VCID-cjpk-feb2-zqds
10
vulnerability VCID-etr9-c84d-vuhr
11
vulnerability VCID-gneu-b3qk-q7e4
12
vulnerability VCID-j5b5-zjxe-ffhu
13
vulnerability VCID-j71z-t8bh-wbb4
14
vulnerability VCID-jtjs-y7k7-r7ae
15
vulnerability VCID-k2ku-9mx2-b3a9
16
vulnerability VCID-kjnb-e6nd-wudn
17
vulnerability VCID-mtgm-vqw9-1ubf
18
vulnerability VCID-myg3-46rj-3qax
19
vulnerability VCID-n2nm-knaw-gkgx
20
vulnerability VCID-pqyk-2c8e-5yh5
21
vulnerability VCID-psr7-vapd-6udz
22
vulnerability VCID-q2ng-jgm7-8uc9
23
vulnerability VCID-r61c-726k-bfh5
24
vulnerability VCID-t296-efx6-1yba
25
vulnerability VCID-t414-nm3b-cfev
26
vulnerability VCID-tk2g-6m19-yqg3
27
vulnerability VCID-v25d-upc8-wfh4
28
vulnerability VCID-wtyd-7ppt-23cj
29
vulnerability VCID-x248-nq74-wbbs
30
vulnerability VCID-ztu1-8yz5-tyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9
aliases CVE-2014-0179
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yb4y-39u3-eufg
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9