CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2013-4280
https://notcve.org/view.php?id=CVE-2013-4280
Insecure temporary file vulnerability in RedHat vsdm 4.9.6. Vulnerabilidad de archivo temporal no seguro en RedHat vsdm versión 4.9.6. • https://access.redhat.com/security/cve/cve-2013-4280 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280 https://security-tracker.debian.org/tracker/CVE-2013-4280 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.8EPSS: 78%CPEs: 127EXPL: 0CVE-2018-5390 – Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service
https://notcve.org/view.php?id=CVE-2018-5390
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. El kernel de Linux en versiones 4.9 y siguientes pueden forzarse a realizar llamadas muy caras a tcp_collapse_ofo_queue() y tcp_prune_ofo_queue() para cada paquete entrante, lo que puede conducir a una denegación de servicio. A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/104976 http://www.securitytracker.com/id/1041424 http://www.securitytracker.com/id/1041434 https://access.redhat.co • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5293
https://notcve.org/view.php?id=CVE-2015-5293
Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable. Red Hat Enterprise Virtualization Manager 3.6 y anteriores entrega direcciones SLAAC IPv6 válidas a interfaces cuando "boot protocol" se establece como None. Esto podría permitir que atacantes remotos se comuniquen con un sistema diseñado para ser inalcanzable. • https://access.redhat.com/security/cve/CVE-2015-5293 https://bugzilla.redhat.com/show_bug.cgi?id=1267714 • CWE-284: Improper Access Control •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0257 – ovirt-engine-dwh: incorrect permissions on plugin file containing passwords
https://notcve.org/view.php?id=CVE-2015-0257
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory. Red Hat Enterprise Virtualization (RHEV) Manager anterior a 3.5.1 utiliza permisos débiles en los directorios compartidos por el servicio ovirt-engine-dwhd y un plugin durante el inicio del servicio, lo que permite a usuarios locales obtener información sensible mediante la lectura de ficheros en el directorio. It was discovered that a directory shared between the ovirt-engine-dwhd service and a plug-in used during the service's startup had incorrect permissions. A local user could use this flaw to access files in this directory, which could potentially contain sensitive information. • http://rhn.redhat.com/errata/RHSA-2015-0888.html http://www.securitytracker.com/id/1032231 https://access.redhat.com/security/cve/CVE-2015-0257 https://bugzilla.redhat.com/show_bug.cgi?id=1189085 • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0237 – vdsm: Users attempting a live storage migration create snapshot without snapshot creation permissions
https://notcve.org/view.php?id=CVE-2015-0237
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain. Red Hat Enterprise Virtualization (RHEV) Manager anterior a 3.5.1 ignora el permiso para denegar la creación de instantáneas durante la migración del almacenaje en vivo entre dominios, lo que permite a usuarios remotos autenticados causar una denegación de servicio (impedir el inicio del anfitrión) mediante la creación de una cadena larga de instantáneas. It was discovered that the permissions to allow or deny snapshot creation were ignored during live storage migration of a VM's disk between storage domains. An attacker able to live migrate a disk between storage domains could use this flaw to cause a denial of service. • http://rhn.redhat.com/errata/RHSA-2015-0888.html http://www.securitytracker.com/id/1032231 https://access.redhat.com/security/cve/CVE-2015-0237 https://bugzilla.redhat.com/show_bug.cgi?id=1184716 • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •