Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtual machine vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-1867
A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote malicious user to bypass authentication on the REST API. The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability...
Cisco Elastic Services Controller
5
CVSSv2
CVE-2002-2072
java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote malicious users to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument.
Sun Jre 1.2.2
Sun Jre 1.3.1
1 EDB exploit
7.2
CVSSv2
CVE-2004-0118
The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.
Microsoft Windows 2000
Microsoft Windows Nt 4.0
9
CVSSv2
CVE-2015-4523
Blue Coat Malware Analysis Appliance (MAA) prior to 4.2.5 and Malware Analyzer G2 allow remote malicious users to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or exec...
Symantec Malware Analyzer G2
Symantec Malware Analysis Appliance
1 EDB exploit
7.5
CVSSv2
CVE-2003-0896
The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and previous versions allows remote malicious users to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/...
Sun Jre
1 EDB exploit
2.1
CVSSv2
CVE-2003-1134
Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception.
Sun Java 1.4.2
Sun Java 1.3.1
Sun Java 1.4.1
1 EDB exploit
5
CVSSv2
CVE-2002-1325
Microsoft Virtual Machine (VM) build 5.0.3805 and previous versions allows remote malicious users to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."
Microsoft Windows 2000 Terminal Services
Microsoft Windows Nt 4.0
Microsoft Windows 98
Microsoft Windows 98se
Microsoft Windows 2000
Microsoft Windows Me
Microsoft Windows 95
Microsoft Windows Xp
2.1
CVSSv2
CVE-2015-2877
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 up to and including 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NO...
Linux Linux Kernel
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
5.1
CVSSv2
CVE-2000-1061
Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote malicious user to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email...
Microsoft Ie 4.x
Microsoft Ie 5.x
1 EDB exploit
7.5
CVSSv2
CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core....
Oracle Virtual Desktop Infrastructure
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.2.0.0
Oracle Storagetek Tape Analytics Sw Tool 2.3
2 EDB exploits
12 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »