Vulmon
virtualization vulnerabilities and exploits
9.8
CVSSv3
CVE-2018-17963
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows malicious users to cause a denial of service or possibly have unspecified other impact.
Qemu Qemu
Qemu Qemu 3.1.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Openstack 10
Redhat Openstack 13
Redhat Openstack 14
Redhat Virtualization 4.0
Redhat Virtualization Manager 4.3
9.8
CVSSv3
CVE-2018-6499
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Au...
Microfocus Data Center Automation 2017.05
Microfocus Data Center Automation 2017.08
Microfocus Data Center Automation 2017.09
Microfocus Data Center Automation 2017.11
Microfocus Data Center Automation 2018.02
Microfocus Data Center Automation 2018.05
Microfocus Data Center Automation 2017.01
Microfocus Service Management Automation 2018.05
Microfocus Service Management Automation 2018.02
Microfocus Service Management Automation 2017.11
Microfocus Network Operations Management 2018.02
Microfocus Network Operations Management 2017.11
Microfocus Hybrid Cloud Management 2017.11
Microfocus Hybrid Cloud Management 2018.02
Microfocus Hybrid Cloud Management 2018.05
Microfocus Operations Bridge 2017.11
Microfocus Operations Bridge 2018.02
Microfocus Operations Bridge 2018.05
Microfocus Network Operations Management 2018.05
Microfocus Network Virtualization 12.50
Microfocus Service Virtualization 1.00
Microfocus Unified Functional Testing 12.50
9.8
CVSSv3
CVE-2018-11236
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and previous versions, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentiall...
Gnu Glibc
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Virtualization Host 4.0
Oracle Enterprise Communications Broker 3.0.0
Oracle Enterprise Communications Broker 3.1.0
Oracle Communications Session Border Controller 8.1.0
Oracle Communications Session Border Controller 8.2.0
Oracle Communications Session Border Controller 8.0.0
Netapp Data Ontap Edge -
Netapp Element Software Management -
9.8
CVSSv3
CVE-2018-7263
The mad_decoder_run() function in decoder.c in Underbit libmad up to and including 0.15.1b allows remote malicious users to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. NOTE: this may overla...
Underbit Libmad
9.8
CVSSv3
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
9.8
CVSSv3
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
9.8
CVSSv3
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allow remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
9.8
CVSSv3
CVE-2017-9214
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
Openvswitch Openvswitch 2.7.0
Debian Debian Linux 9.0
Redhat Openstack 6.0
Redhat Openstack 7.0
Redhat Openstack 8
Redhat Openstack 9
Redhat Openstack 10
Redhat Openstack 11
Redhat Virtualization 4.1
Redhat Virtualization Manager 4.1
Redhat Virtualization 4.0
9.8
CVSSv3
CVE-2016-1453
Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 up to and including 7.3 on Nexus 7000 and 7700 devices allows remote malicious users to execute arbitrary code via long parameters in a packet header, aka Bug ID CSCuy95701.
Cisco Nx-os 6.2(2a)
Cisco Nx-os 6.1(3)
Cisco Nx-os 5.1(6)
Cisco Nx-os 5.2(1)
Cisco Nx-os 6.2(12)
Cisco Nx-os 5.1(4)
Cisco Nx-os 6.2(6b)
Cisco Nx-os 4.1.(2)
Cisco Nx-os 5.1(5)
Cisco Nx-os 6.0(3)
Cisco Nx-os 4.1.(3)
Cisco Nx-os 6.1(4)
Cisco Nx-os 4.2.(2a)
Cisco Nx-os 5.1(3)
Cisco Nx-os 7.2(0)n1(0.1)
Cisco Nx-os 5.0(5)
Cisco Nx-os 6.0(2)
Cisco Nx-os 4.2(4)
Cisco Nx-os 5.2(9)
Cisco Nx-os 6.2(8a)
Cisco Nx-os 5.2(4)
Cisco Nx-os 6.2(10)
9.8
CVSSv3
CVE-2016-3613
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, and 5.2 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to OpenSSL.
Oracle Secure Global Desktop 4.71
Oracle Secure Global Desktop 5.2
Oracle Secure Global Desktop 4.63