Red hat enterprise virtualization

This hub aggregates every CVE we track for Red hat enterprise virtualization, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 9 most recently published vulnerabilities affecting Red hat enterprise virtualization.

• CVE-2022-24903Buffer overflow in TCP syslog server (receiver) components in rsyslog8.1May 5, 2022
• CVE-2021-22555Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACEKEV8.3Jul 7, 2021
• CVE-2020-12352Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.6.5Nov 23, 2020
• CVE-2020-12351Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.8.8Nov 23, 2020
• CVE-2019-11135TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.6.5Nov 14, 2019
• CVE-2019-3863A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than u...7.5Mar 25, 2019
• CVE-2018-5407Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.4.7Nov 15, 2018
• CVE-2012-6153http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAlt...4.3Sep 4, 2014
• CVE-2014-3577org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name i...5.8Aug 21, 2014