Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization host vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2585
It exists that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
Linux Linux Kernel
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
1 Github repository
NA
CVE-2022-2586
It exists that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
4 Github repositories
NA
CVE-2022-2588
It exists that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
8 Github repositories
NA
CVE-2022-22942
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
Vmware Photon Os 4.0
Vmware Photon Os 3.0
NA
CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 byte...
Haxx Libcurl
Fedoraproject Fedora 37
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
9 Github repositories
2 Articles
NA
CVE-2023-38546
This flaw allows an malicious user to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single tran...
Haxx Libcurl
1 Github repository
2 Articles
NA
CVE-2023-4911
A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local malicious user to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID perm...
Gnu Glibc
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Codeready Linux Builder For Power Little Endian Eus 8.6
Redhat Codeready Linux Builder Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Codeready Linux Builder For Ibm Z Systems Eus 8.6
Redhat Codeready Linux Builder For Arm64 Eus 8.6
Redhat Enterprise Linux For Arm 64 Eus 8.6 Aarch64
Redhat Enterprise Linux For Ibm Z Systems Eus S390x 8.6
Redhat Enterprise Linux For Power Big Endian Eus 8.6 Ppc64le
25 Github repositories
1 Article
NA
CVE-2023-4155
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the ...
Linux Linux Kernel -
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2022-36648
The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and previous versions, allows remote malicious users to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This ...
Qemu Qemu
NA
CVE-2023-3090
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG...
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »