Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise linux virtualization vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-3677
A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include...
Postgresql Postgresql
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Software Collections 1.0
Fedoraproject Fedora 34
5
CVSSv2
CVE-2019-14818
A flaw was found in all dpdk version 17.x.x prior to 17.11.8, 16.x.x prior to 16.11.10, 18.x.x prior to 18.11.4 and 19.x.x prior to 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a...
Dpdk Data Plane Development Kit
Redhat Enterprise Linux Fast Datapath 7.0
Redhat Openstack 10
Redhat Enterprise Linux Fast Datapath 8.0
Redhat Virtualization Eus 4.2
Fedoraproject Fedora 31
6.9
CVSSv2
CVE-2021-3748
A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to ...
Qemu Qemu
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Fedoraproject Fedora 34
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Advanced Virtualization Eus 8.4
NA
CVE-2022-2132
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote malicious user to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
Dpdk Data Plane Development Kit
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Redhat Enterprise Linux 7.0
Redhat Virtualization 4.0
Redhat Enterprise Linux Fast Datapath 7.0
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Openstack Platform 13.0
Redhat Enterprise Linux Fast Datapath 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Fast Datapath 9.0
NA
CVE-2023-5366
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local malicious user to create specially crafted packets with a modified or spoofed target IP address field that can redire...
Openvswitch Openvswitch
Redhat Enterprise Linux 7.0
Redhat Virtualization 4.0
Redhat Openshift Container Platform 4.0
Redhat Fast Datapath -
NA
CVE-2023-4911
A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local malicious user to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID perm...
Gnu Glibc
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Codeready Linux Builder For Power Little Endian Eus 8.6
Redhat Codeready Linux Builder Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Codeready Linux Builder For Ibm Z Systems Eus 8.6
Redhat Codeready Linux Builder For Arm64 Eus 8.6
Redhat Enterprise Linux For Arm 64 Eus 8.6 Aarch64
Redhat Enterprise Linux For Ibm Z Systems Eus S390x 8.6
Redhat Enterprise Linux For Power Big Endian Eus 8.6 Ppc64le
25 Github repositories
1 Article
3.6
CVSSv2
CVE-2021-3501
A flaw was found in the Linux kernel in versions prior to 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to...
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Real Time 8
Redhat Enterprise Linux For Real Time For Nfv Tus 8.4
Redhat Enterprise Linux For Real Time Tus 8.4
Redhat Enterprise Linux For Real Time For Nfv 8
Fedoraproject Fedora 33
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
2.1
CVSSv2
CVE-2009-2910
arch/x86/ia32/ia32entry.S in the Linux kernel prior to 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.
Linux Linux Kernel
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.0
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Debuginfo 10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Virtualization 5
Redhat Enterprise Linux Eus 5.4
Fedoraproject Fedora 10
2.1
CVSSv2
CVE-2018-18397
The userfaultfd implementation in the Linux kernel prior to 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains ho...
Linux Linux Kernel
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.4
Redhat Virtualization Host 4.0
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Openshift Container Platform 3.11
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
7.2
CVSSv2
CVE-2009-3080
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel prior to 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
Linux Linux Kernel
Linux Linux Kernel 2.6.32
Opensuse Opensuse 11.1
Opensuse Opensuse 11.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Server 10
Debian Debian Linux 4.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Vmware Esx 3.5
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 5.4
Redhat Virtualization 5.0
Redhat Enterprise Linux Server Workstation 5.0
Redhat Fedora 10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »