Product:

Virtualization_manager

(Redhat)
Repositories https://github.com/ansible/ansible
#Vulnerabilities 13
Date Id Summary Products Score Patch Annotated
2022-03-03 CVE-2021-3620 A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality. Ansible_automation_platform_early_access, Ansible_engine, Enterprise_linux, Enterprise_linux_for_power_little_endian, Openstack, Virtualization, Virtualization_for_ibm_power_little_endian, Virtualization_host, Virtualization_manager 5.5
2019-02-20 CVE-2019-8331 In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. Big\-Ip_access_policy_manager, Big\-Ip_advanced_firewall_manager, Big\-Ip_analytics, Big\-Ip_application_acceleration_manager, Big\-Ip_application_security_manager, Big\-Ip_domain_name_system, Big\-Ip_edge_gateway, Big\-Ip_fraud_protection_service, Big\-Ip_global_traffic_manager, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_policy_enforcement_manager, Big\-Ip_webaccelerator, Bootstrap, Virtualization_manager, Tenable\.sc 6.1
2019-11-14 CVE-2019-11135 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. Ubuntu_linux, Debian_linux, Fedora, Apollo_2000_firmware, Apollo_4200_firmware, Proliant_bl460c_firmware, Proliant_dl120_firmware, Proliant_dl160_firmware, Proliant_dl180_firmware, Proliant_dl20_firmware, Proliant_dl360_firmware, Proliant_dl380_firmware, Proliant_dl560_firmware, Proliant_dl580_firmware, Proliant_e910_firmware, Proliant_ml110_firmware, Proliant_ml30_firmware, Proliant_ml350_firmware, Proliant_xl170r_firmware, Proliant_xl190r_firmware, Proliant_xl230k_firmware, Proliant_xl270d_firmware, Proliant_xl450_firmware, Synergy_480_firmware, Synergy_660_firmware, Celeron_5305u_firmware, Core_i5\-10110y_firmware, Core_i5\-10210u_firmware, Core_i5\-10210y_firmware, Core_i5\-10310y_firmware, Core_i5\-8200y_firmware, Core_i5\-8210y_firmware, Core_i5\-8265u_firmware, Core_i5\-8310y_firmware, Core_i5\-8365u_firmware, Core_i5\-9300h_firmware, Core_i5\-9400_firmware, Core_i5\-9400f_firmware, Core_i5\-9400h_firmware, Core_i5\-9600k_firmware, Core_i5\-9600kf_firmware, Core_i7\-10510u_firmware, Core_i7\-10510y_firmware, Core_i7\-8500y_firmware, Core_i7\-8565u_firmware, Core_i7\-8665u_firmware, Core_i7\-9700k_firmware, Core_i7\-9700kf_firmware, Core_i7\-9750hf_firmware, Core_i7\-9850h_firmware, Core_i9\-9880h_firmware, Core_i9\-9900k_firmware, Core_i9\-9900kf_firmware, Core_i9\-9980hk_firmware, Core_m3\-8100y_firmware, Pentium_6405u_firmware, Xeon_3204_firmware, Xeon_3206r_firmware, Xeon_4208_firmware, Xeon_4208r_firmware, Xeon_4209t_firmware, Xeon_4210_firmware, Xeon_4210r_firmware, Xeon_4214_firmware, Xeon_4214c_firmware, Xeon_4214r_firmware, Xeon_4214y_firmware, Xeon_4215_firmware, Xeon_4216_firmware, Xeon_4216r_firmware, Xeon_5215_firmware, Xeon_5215l_firmware, Xeon_5215m_firmware, Xeon_5215r_firmware, Xeon_5217_firmware, Xeon_5218_firmware, Xeon_5218b_firmware, Xeon_5218n_firmware, Xeon_5218t_firmware, Xeon_5220_firmware, Xeon_5220r_firmware, Xeon_5220s_firmware, Xeon_5220t_firmware, Xeon_5222_firmware, Xeon_6222v_firmware, Xeon_6226_firmware, Xeon_6230_firmware, Xeon_6230n_firmware, Xeon_6230t_firmware, Xeon_6234_firmware, Xeon_6238_firmware, Xeon_6238l_firmware, Xeon_6238m_firmware, Xeon_6238t_firmware, Xeon_6240_firmware, Xeon_6240l_firmware, Xeon_6240m_firmware, Xeon_6240y_firmware, Xeon_6242_firmware, Xeon_6244_firmware, Xeon_6246_firmware, Xeon_6248_firmware, Xeon_6252_firmware, Xeon_6252n_firmware, Xeon_6254_firmware, Xeon_6262v_firmware, Xeon_8253_firmware, Xeon_8256_firmware, Xeon_8260_firmware, Xeon_8260l_firmware, Xeon_8260m_firmware, Xeon_8260y_firmware, Xeon_8268_firmware, Xeon_8270_firmware, Xeon_8276_firmware, Xeon_8276l_firmware, Xeon_8276m_firmware, Xeon_8280_firmware, Xeon_8280l_firmware, Xeon_8280m_firmware, Xeon_9220_firmware, Xeon_9221_firmware, Xeon_9222_firmware, Xeon_9242_firmware, Xeon_9282_firmware, Xeon_e\-2278g_firmware, Xeon_e\-2278ge_firmware, Xeon_e\-2278gel_firmware, Xeon_e\-2286m_firmware, Xeon_e\-2288g_firmware, Xeon_w\-2223_firmware, Xeon_w\-2225_firmware, Xeon_w\-2235_firmware, Xeon_w\-2245_firmware, Xeon_w\-2255_firmware, Xeon_w\-2265_firmware, Xeon_w\-2275_firmware, Xeon_w\-2295_firmware, Xeon_w\-3223_firmware, Xeon_w\-3225_firmware, Xeon_w\-3235_firmware, Xeon_w\-3245_firmware, Xeon_w\-3245m_firmware, Xeon_w\-3265_firmware, Xeon_w\-3265m_firmware, Xeon_w\-3275_firmware, Xeon_w\-3275m_firmware, Leap, Zfs_storage_appliance_kit, Codeready_linux_builder, Codeready_linux_builder_eus, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization_manager, Slackware 6.5
2019-07-11 CVE-2019-10194 Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts. Ovirt, Virtualization_manager 5.5
2019-01-25 CVE-2018-16881 A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable. Debian_linux, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization, Virtualization_host, Virtualization_manager, Rsyslog 7.5
2018-05-22 CVE-2018-3639 Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Cortex\-A, Ubuntu_linux, Debian_linux, Atom_c, Atom_e, Atom_x5\-E3930, Atom_x5\-E3940, Atom_x7\-E3950, Atom_z, Celeron_j, Celeron_n, Core_i3, Core_i5, Core_i7, Core_m, Pentium, Pentium_j, Pentium_silver, Xeon_e3, Xeon_e3_1105c_v2, Xeon_e3_1125c_v2, Xeon_e3_12201, Xeon_e3_12201_v2, Xeon_e3_1220_v2, Xeon_e3_1220_v3, Xeon_e3_1220_v5, Xeon_e3_1220_v6, Xeon_e3_1220l_v3, Xeon_e3_1225, Xeon_e3_1225_v2, Xeon_e3_1225_v3, Xeon_e3_1225_v5, Xeon_e3_1225_v6, Xeon_e3_1226_v3, Xeon_e3_1230, Xeon_e3_1230_v2, Xeon_e3_1230_v3, Xeon_e3_1230_v5, Xeon_e3_1230_v6, Xeon_e3_1230l_v3, Xeon_e3_1231_v3, Xeon_e3_1235, Xeon_e3_1235l_v5, Xeon_e3_1240, Xeon_e3_1240_v2, Xeon_e3_1240_v3, Xeon_e3_1240_v5, Xeon_e3_1240_v6, Xeon_e3_1240l_v3, Xeon_e3_1240l_v5, Xeon_e3_1241_v3, Xeon_e3_1245, Xeon_e3_1245_v2, Xeon_e3_1245_v3, Xeon_e3_1245_v5, Xeon_e3_1245_v6, Xeon_e3_1246_v3, Xeon_e3_1258l_v4, Xeon_e3_1260l, Xeon_e3_1260l_v5, Xeon_e3_1265l_v2, Xeon_e3_1265l_v3, Xeon_e3_1265l_v4, Xeon_e3_1268l_v3, Xeon_e3_1268l_v5, Xeon_e3_1270, Xeon_e3_1270_v2, Xeon_e3_1270_v3, Xeon_e3_1270_v5, Xeon_e3_1270_v6, Xeon_e3_1271_v3, Xeon_e3_1275_v2, Xeon_e3_1275_v3, Xeon_e3_1275_v5, Xeon_e3_1275_v6, Xeon_e3_1275l_v3, Xeon_e3_1276_v3, Xeon_e3_1278l_v4, Xeon_e3_1280, Xeon_e3_1280_v2, Xeon_e3_1280_v3, Xeon_e3_1280_v5, Xeon_e3_1280_v6, Xeon_e3_1281_v3, Xeon_e3_1285_v3, Xeon_e3_1285_v4, Xeon_e3_1285_v6, Xeon_e3_1285l_v3, Xeon_e3_1285l_v4, Xeon_e3_1286_v3, Xeon_e3_1286l_v3, Xeon_e3_1290, Xeon_e3_1290_v2, Xeon_e3_1501l_v6, Xeon_e3_1501m_v6, Xeon_e3_1505l_v5, Xeon_e3_1505l_v6, Xeon_e3_1505m_v5, Xeon_e5, Xeon_e5_1428l, Xeon_e5_1428l_v2, Xeon_e5_1428l_v3, Xeon_e5_1620, Xeon_e5_1620_v2, Xeon_e5_1620_v3, Xeon_e5_1620_v4, Xeon_e5_1630_v3, Xeon_e5_1630_v4, Xeon_e5_1650, Xeon_e5_1650_v2, Xeon_e5_1650_v3, Xeon_e5_1650_v4, Xeon_e5_1660, Xeon_e5_1660_v2, Xeon_e5_1660_v3, Xeon_e5_1660_v4, Xeon_e5_1680_v3, Xeon_e5_1680_v4, Xeon_e5_2403, Xeon_e5_2403_v2, Xeon_e5_2407, Xeon_e5_2407_v2, Xeon_e5_2408l_v3, Xeon_e5_2418l, Xeon_e5_2418l_v2, Xeon_e5_2418l_v3, Xeon_e5_2420, Xeon_e5_2420_v2, Xeon_e5_2428l, Xeon_e5_2428l_v2, Xeon_e5_2428l_v3, Xeon_e5_2430, Xeon_e5_2430_v2, Xeon_e5_2430l, Xeon_e5_2430l_v2, Xeon_e5_2438l_v3, Xeon_e5_2440, Xeon_e5_2440_v2, Xeon_e5_2448l, Xeon_e5_2448l_v2, Xeon_e5_2450, Xeon_e5_2450_v2, Xeon_e5_2450l, Xeon_e5_2450l_v2, Xeon_e5_2470, Xeon_e5_2470_v2, Xeon_e5_2603, Xeon_e5_2603_v2, Xeon_e5_2603_v3, Xeon_e5_2603_v4, Xeon_e5_2608l_v3, Xeon_e5_2608l_v4, Xeon_e5_2609, Xeon_e5_2609_v2, Xeon_e5_2609_v3, Xeon_e5_2609_v4, Xeon_e5_2618l_v2, Xeon_e5_2618l_v3, Xeon_e5_2618l_v4, Xeon_e5_2620, Xeon_e5_2620_v2, Xeon_e5_2620_v3, Xeon_e5_2620_v4, Xeon_e5_2623_v3, Xeon_e5_2623_v4, Xeon_e5_2628l_v2, Xeon_e5_2628l_v3, Xeon_e5_2628l_v4, Xeon_e5_2630, Xeon_e5_2630_v2, Xeon_e5_2630_v3, Xeon_e5_2630_v4, Xeon_e5_2630l, Xeon_e5_2630l_v2, Xeon_e5_2630l_v3, Xeon_e5_2630l_v4, Xeon_e5_2637, Xeon_e5_2637_v2, Xeon_e5_2637_v3, Xeon_e5_2637_v4, Xeon_e5_2640, Xeon_e5_2640_v2, Xeon_e5_2640_v3, Xeon_e5_2640_v4, Xeon_e5_2643, Xeon_e5_2643_v2, Xeon_e5_2643_v3, Xeon_e5_2643_v4, Xeon_e5_2648l, Xeon_e5_2648l_v2, Xeon_e5_2648l_v3, Xeon_e5_2648l_v4, Xeon_e5_2650, Xeon_e5_2650_v2, Xeon_e5_2650_v3, Xeon_e5_2650_v4, Xeon_e5_2650l, Xeon_e5_2650l_v2, Xeon_e5_2650l_v3, Xeon_e7, Xeon_e\-1105c, Xeon_gold, Xeon_platinum, Xeon_silver, Surface, Surface_book, Surface_pro, Surface_pro_with_lte_advanced, Surface_studio, Windows_10, Windows_7, Windows_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Micloud_management_portal, Micollab, Mivoic_mx\-One, Mivoice_5000, Mivoice_border_gateway, Mivoice_business, Mivoice_connect, Open_integration_gateway, Jetson_tx1, Jetson_tx2, Local_service_management_system, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Mrg_realtime, Openstack, Virtualization, Virtualization_manager, Struxureware_data_center_expert, Itc1500_firmware, Itc1500_pro_firmware, Itc1900_firmware, Itc1900_pro_firmware, Itc2200_firmware, Itc2200_pro_firmware, Ruggedcom_ape_firmware, Simatic_et_200_sp_firmware, Simatic_field_pg_m4_firmware, Simatic_field_pg_m5_firmware, Simatic_ipc3000_smart_firmware, Simatic_ipc347e_firmware, Simatic_ipc427c_firmware, Simatic_ipc427d_firmware, Simatic_ipc427e_firmware, Simatic_ipc477c_firmware, Simatic_ipc477d_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc547e_firmware, Simatic_ipc547g_firmware, Simatic_ipc627c_firmware, Simatic_ipc627d_firmware, Simatic_ipc647c_firmware, Simatic_ipc647d_firmware, Simatic_ipc677c_firmware, Simatic_ipc677d_firmware, Simatic_ipc827c_firmware, Simatic_ipc827d_firmware, Simatic_ipc847c_firmware, Simatic_ipc847d_firmware, Simatic_itp1000_firmware, Simatic_s7\-1500_firmware, Simotion_p320\-4e_firmware, Sinema_remote_connect_firmware, Sinumerik_840_d_sl_firmware, Sinumerik_pcu_50\.5_firmware, Sinumerik_tcu_30\.3_firmware, Cloud_global_management_system, Email_security, Global_management_system, Secure_mobile_access, Sonicosv, Web_application_firewall 5.5
2017-05-23 CVE-2017-9214 In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`. Debian_linux, Openvswitch, Openstack, Virtualization, Virtualization_manager 9.8
2018-04-24 CVE-2018-1059 The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable. Ubuntu_linux, Data_plane_development_kit, Ceph_storage, Enterprise_linux, Enterprise_linux_fast_datapath, Openshift, Openstack, Virtualization, Virtualization_manager 6.1
2018-07-19 CVE-2017-7481 Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated. Ubuntu_linux, Debian_linux, Ansible_engine, Gluster_storage, Openshift_container_platform, Openstack, Storage_console, Virtualization, Virtualization_manager 9.8
2018-10-09 CVE-2018-17963 qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. Ubuntu_linux, Debian_linux, Qemu, Openstack, Virtualization, Virtualization_manager 9.8