Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization host vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2008-5714
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote malicious users to guess the VNC password, which is limited to seven characters where eight was intended.
Qemu Qemu 0.9.1
7.7
CVSSv2
CVE-2015-3456
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and previous versions and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_...
Qemu Qemu
Redhat Openstack 4.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openstack 5.0
Redhat Openstack 7.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
Xen Xen 4.5.0
Redhat Openstack 6.0
1 EDB exploit
5 Github repositories
3 Articles
7.5
CVSSv2
CVE-2022-25315
In Expat (aka libexpat) prior to 2.4.5, there is an integer overflow in storeRawNames.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
7.5
CVSSv2
CVE-2022-25235
xmltok_impl.c in Expat (aka libexpat) prior to 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
7.5
CVSSv2
CVE-2022-25236
xmlparse.c in Expat (aka libexpat) prior to 2.4.5 allows malicious users to insert namespace-separator characters into namespace URIs.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
7.5
CVSSv2
CVE-2018-11236
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and previous versions, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentiall...
Gnu Glibc
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Virtualization Host 4.0
Oracle Enterprise Communications Broker 3.0.0
Oracle Enterprise Communications Broker 3.1.0
Oracle Communications Session Border Controller 8.1.0
Oracle Communications Session Border Controller 8.2.0
Oracle Communications Session Border Controller 8.0.0
Netapp Data Ontap Edge -
Netapp Element Software Management -
7.4
CVSSv2
CVE-2012-0029
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets.
Kvm Group Qemu-kvm 0.12
7.2
CVSSv2
CVE-2022-1679
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the sys...
Linux Linux Kernel
Debian Debian Linux 10.0
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
2 Github repositories
7.2
CVSSv2
CVE-2022-0847
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to...
Linux Linux Kernel
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux For Real Time 8
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.2
Redhat Enterprise Linux For Real Time Tus 8.4
Redhat Enterprise Linux For Real Time Tus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Real Time For Nfv 8
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1
Redhat Enterprise Linux For Power Little Endian Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.2
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
145 Github repositories
4 Articles
7.2
CVSSv2
CVE-2021-3656
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" fiel...
Linux Linux Kernel 5.14
Linux Linux Kernel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Redhat Software Collections -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Real Time 7
Redhat Enterprise Linux For Real Time For Nfv 7
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »