| Bug | Description |
|---|
| CVE-2021-3559 | A flaw was found in libvirt in the virConnectListAllNodeDevices API in ... |
| CVE-2020-15708 | Ubuntu's packaging of libvirt in 20.04 LTS created a control socket wi ... |
| CVE-2020-14339 | A flaw was found in libvirt, where it leaked a file descriptor for `/d ... |
| CVE-2020-14301 | An information disclosure vulnerability was found in libvirt in versio ... |
| CVE-2020-10701 | A missing authorization flaw was found in the libvirt API responsible ... |
| CVE-2019-10168 | The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorC ... |
| CVE-2019-10167 | The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x befo ... |
| CVE-2019-10166 | It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x. ... |
| CVE-2019-10161 | It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would ... |
| CVE-2019-10132 | A flaw was found in libvirt in version 4.1.0 and earlier. A missing So ... |
| CVE-2019-3886 | An incorrect permissions check was discovered in libvirt 4.8.0 and abo ... |
| CVE-2019-3840 | A NULL pointer dereference flaw was discovered in libvirt before versi ... |
| CVE-2018-6764 | util/virlog.c in libvirt does not properly determine the hostname on L ... |
| CVE-2018-5748 | qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of s ... |
| CVE-2018-1064 | libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustio ... |
| CVE-2017-1000256 | libvirt version 2.3.0 and later is vulnerable to a bad default configu ... |
| CVE-2017-2635 | A NULL pointer deference flaw was found in the way libvirt from 2.5.0 ... |
| CVE-2016-10746 | libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API ... |
| CVE-2016-5008 | It was found that setting a VNC password to an empty string in libvirt ... |
| CVE-2015-5313 | A path-traversal flaw was found in the way the libvirt daemon handled ... |
| CVE-2015-5247 | The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows ... |
| CVE-2015-5160 | It was found that the libvirt daemon, when using RBD (RADOS Block Devi ... |
| CVE-2015-0236 | It was discovered that the virDomainSnapshotGetXMLDesc() and virDomain ... |
| CVE-2014-8136 | It was found that QEMU's qemuDomainMigratePerform() and qemuDomainMigr ... |
| CVE-2014-8135 | The storageVolUpload function in storage/storage_driver.c in libvirt b ... |
| CVE-2014-8131 | The qemu implementation of virConnectGetAllDomainStats in libvirt befo ... |
| CVE-2014-7823 | It was found that when the VIR_DOMAIN_XML_MIGRATABLE flag was used, th ... |
| CVE-2014-5177 | libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access con ... |
| CVE-2014-3657 | A denial of service flaw was found in the way libvirt's virConnectList ... |
| CVE-2014-3633 | An out-of-bounds read flaw was found in the way libvirt's qemuDomainGe ... |
| CVE-2014-1447 | Race condition in the virNetServerClientStartKeepAlive function in lib ... |
| CVE-2014-0179 | It was found that libvirt passes the XML_PARSE_NOENT flag when parsing ... |
| CVE-2014-0028 | libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypa ... |
| CVE-2013-7336 | The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in lib ... |
| CVE-2013-6458 | CVE-2013-6458 qemu: job usage issue in several APIs leading to libvirt ... |
| CVE-2013-6457 | The libxlDomainGetNumaParameters function in the libxl driver (libxl/l ... |
| CVE-2013-6456 | The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allow ... |
| CVE-2013-6436 | The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt ... |
| CVE-2013-5651 | The virBitmapParse function in util/virbitmap.c in libvirt before 1.1. ... |
| CVE-2013-4401 | The virConnectDomainXMLToNative API function in libvirt 1.1.0 through ... |
| CVE-2013-4400 | virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to ... |
| CVE-2013-4399 | The remoteClientFreeFunc function in daemon/remote.c in libvirt before ... |
| CVE-2013-4311 | CVE-2013-4311 libvirt: insecure calling of polkit ... |
| CVE-2013-4297 | The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1. ... |
| CVE-2013-4296 | CVE-2013-4296 libvirt: invalid free in remoteDispatchDomainMemoryStats ... |
| CVE-2013-4292 | libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of servic ... |
| CVE-2013-4291 | The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1. ... |
| CVE-2013-4239 | The xenDaemonListDefinedDomains function in xen/xend_internal.c in lib ... |
| CVE-2013-4154 | The qemuAgentCommand function in libvirt before 1.1.1, when a guest ag ... |
| CVE-2013-4153 | Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qe ... |
| CVE-2013-2230 | The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows re ... |
| CVE-2013-2218 | Double free vulnerability in the virConnectListAllInterfaces method in ... |
| CVE-2013-1962 | CVE-2013-1962 libvirt: DoS (max count of open files exhaustion) due so ... |
| CVE-2013-1766 | libvirt 1.0.2 and earlier sets the group owner to kvm for device files ... |
| CVE-2013-0170 | CVE-2013-0170 libvirt: use-after-free in virNetMessageFree() ... |
| CVE-2012-4423 | CVE-2012-4423 libvirt: null function pointer invocation in virNetServe ... |
| CVE-2012-3445 | CVE-2012-3445 libvirt: crash in virTypedParameterArrayClear ... |
| CVE-2012-2693 | CVE-2012-2693 libvirt: address bus= device= when identicle vendor ID/p ... |
| CVE-2011-4600 | CVE-2011-4600 libvirt: unintended firewall port exposure after restart ... |
| CVE-2011-2511 | CVE-2011-2511 libvirt: integer overflow in VirDomainGetVcpus ... |
| CVE-2011-2178 | The virSecurityManagerGetPrivateData function in security/security_man ... |
| CVE-2011-1486 | CVE-2011-1486 libvirt: error reporting in libvirtd is not thread safe ... |
| CVE-2011-1146 | CVE-2011-1146 libvirt: several API calls do not honour read-only conne ... |
| CVE-2010-2242 | CVE-2010-2242 libvirt: improperly mapped source privileged ports may a ... |
| CVE-2010-2239 | CVE-2010-2239 libvirt: not setting user defined backing store format w ... |
| CVE-2010-2238 | Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-imag ... |
| CVE-2010-2237 | Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing s ... |
| CVE-2009-0036 | CVE-2009-0036 libvirt: libvirt_proxy buffer overflow ... |
| CVE-2008-5086 | CVE-2008-5086 libvirt: missing checks for read-only connection ... |