Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-3559

EPSS 0.27% · P51
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-3559

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Red Hat Enterprise Virtualization Manager 权限许可和访问控制问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat是美国红帽(Red Hat)公司的一个操作系统。提供了一个开源的操作系统。 Red Hat Enterprise Virtualization Manager 3.4版本存在权限许可和访问控制问题漏洞,该漏洞源于程序删除VM时,没有清除内存快照。远程攻击者可通过未初始化的存储卷利用该漏洞读取已删除VM内存的部分信息,获取敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2014-3559

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2014-3559

登录查看更多情报信息。
Advisory · 1

Same Patch Batch · n/a · 2014-08-06 · 20 CVEs total

CVE-2014-5186WordPress All Video Gallery插件SQL注入漏洞
CVE-2014-5179Drupal freelinking 权限许可和访问控制漏洞
CVE-2014-5178EFS Software Web Server 跨站脚本漏洞
CVE-2014-5090Status2k 代码注入漏洞
CVE-2014-5089Status2k SQL注入漏洞
CVE-2014-5088Status2K 跨站脚本漏洞
CVE-2014-5082多款Sphider产品SQL注入漏洞
CVE-2014-3560Samba NetBIOS name services daemon 安全漏洞漏洞
CVE-2013-4159Novell openSUSE ctdb 安全漏洞
CVE-2014-5187WordPress Tom M8te插件目录遍历漏洞
CVE-2012-6653WordPress All Video Gallery插件安全漏洞
CVE-2014-5185WordPress Quartz插件SQL注入漏洞
CVE-2014-5184WordPress stripShow插件SQL注入漏洞
CVE-2014-5183WordPress Simple Retail Menus插件SQL注入漏洞
CVE-2014-5182WordPress yawpp插件SQL注入漏洞
CVE-2014-5181WordPress Last.fm Rotation插件目录遍历漏洞
CVE-2014-5180WordPress HDW Player插件SQL注入漏洞
CVE-2014-3434Symantec Endpoint Protection Client和Small Business Edition SEP 缓冲区溢出漏洞
CVE-2014-0479reportbug 代码注入漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2014-3559

No comments yet

Leave a comment