Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtual machine vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-7489
Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution.
Teradata Virtual Machine 15.10
NA
CVE-2007-5375
Interpretation conflict in the Sun Java Virtual Machine (JVM) allows user-assisted remote malicious users to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "...
Sun Java Virtual Machine
8.2
CVSSv3
CVE-2017-14457
An exploitable information leak/denial of service vulnerability exists in the libevm (Ethereum Virtual Machine) `create2` opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An ...
Ethereum Ethereum Virtual Machine -
NA
CVE-2014-6228
Integer overflow in the string_chunk_split function in hphp/runtime/base/zend-string.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 3.3.0 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via crafted a...
Facebook Hiphop Virtual Machine
NA
CVE-2014-6229
The HashContext class in hphp/runtime/ext/ext_hash.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 3.3.0 incorrectly expects that a certain key string uses '\0' for termination, which allows remote malicious users to obtain sensitive information by leveraging rea...
Facebook Hiphop Virtual Machine
NA
CVE-2014-9714
Cross-site scripting (XSS) vulnerability in the WddxPacket::recursiveAddVar function in HHVM (aka the HipHop Virtual Machine) prior to 3.5.0 allows remote malicious users to inject arbitrary web script or HTML via a crafted string to the wddx_serialize_value function.
Facebook Hiphop Virtual Machine
NA
CVE-2014-5386
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 3.3.0 does not seed the random number generator, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by leveraging...
Facebook Hiphop Virtual Machine
NA
CVE-2014-2209
Facebook HipHop Virtual Machine (HHVM) prior to 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote malicious users to bypass intended access restrictions by leveraging group permissions for a fil...
Facebook Hiphop Virtual Machine
NA
CVE-2015-0012
Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials,...
Microsoft Virtual Machine Manager 2012
NA
CVE-2002-1286
The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malici...
Microsoft Java Virtual Machine 1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »