Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization host vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-3344
A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).
Linux Linux Kernel
5
CVSSv2
CVE-2019-9636
Python 2.7.x up to and including 2.7.16 and 3.x up to and including 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given ...
Python Python
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.5
1 Article
NA
CVE-2022-38177
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.12
Isc Bind 9.11.8
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.11.21
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.11.27
Isc Bind 9.16.13
Isc Bind 9.11.29
Isc Bind 9.16.21
Isc Bind 9.11.35
Isc Bind 9.11.14-s1
Isc Bind 9.11.19-s1
Isc Bind 9.11.37
NA
CVE-2022-38178
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
Isc Bind
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.11.5
Isc Bind 9.11.12
Isc Bind 9.11.8
Isc Bind 9.11.21
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.11.27
Isc Bind 9.16.13
Isc Bind 9.11.29
Isc Bind 9.16.21
Isc Bind 9.11.35
Isc Bind 9.11.14-s1
Isc Bind 9.11.19-s1
Isc Bind 9.11.37
Isc Bind 9.16.32
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2024-31419
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace withou...
7.2
CVSSv2
CVE-2016-3710
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
Debian Debian Linux 8.0
Hp Helion Openstack 2.0.0
Hp Helion Openstack 2.1.0
Hp Helion Openstack 2.1.2
Hp Helion Openstack 2.1.4
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Qemu Qemu
Qemu Qemu 2.6.0
Oracle Vm Server 3.2
Oracle Vm Server 3.3
Oracle Vm Server 3.4
Oracle Linux 5
Oracle Linux 6
Oracle Linux 7
Citrix Xenserver
Redhat Openstack 5.0
Redhat Openstack 6.0
Redhat Openstack 7.0
Redhat Openstack 8
NA
CVE-2021-26406
Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service.
Amd Epyc 7232p Firmware Romepi 1.0.0.a
Amd Epyc 7252 Firmware Romepi 1.0.0.a
Amd Epyc 7262 Firmware Romepi 1.0.0.a
Amd Epyc 7272 Firmware Romepi 1.0.0.a
Amd Epyc 7282 Firmware Romepi 1.0.0.a
Amd Epyc 7302 Firmware Romepi 1.0.0.a
Amd Epyc 7302p Firmware Romepi 1.0.0.a
Amd Epyc 7352 Firmware Romepi 1.0.0.a
Amd Epyc 7402 Firmware Romepi 1.0.0.a
Amd Epyc 7402p Firmware Romepi 1.0.0.a
Amd Epyc 7452 Firmware Romepi 1.0.0.a
Amd Epyc 7502 Firmware Romepi 1.0.0.a
Amd Epyc 7502p Firmware Romepi 1.0.0.a
Amd Epyc 7532 Firmware Romepi 1.0.0.a
Amd Epyc 7542 Firmware Romepi 1.0.0.a
Amd Epyc 7552 Firmware Romepi 1.0.0.a
Amd Epyc 7642 Firmware Romepi 1.0.0.a
Amd Epyc 7662 Firmware Romepi 1.0.0.a
Amd Epyc 7702 Firmware Romepi 1.0.0.a
Amd Epyc 7702p Firmware Romepi 1.0.0.a
Amd Epyc 7742 Firmware Romepi 1.0.0.a
Amd Epyc 7f32 Firmware Romepi 1.0.0.a
7.2
CVSSv2
CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length t...
Linux Linux Kernel 5.3
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Netapp Aff A700s Firmware -
Netapp H410c Firmware -
Netapp H610s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
1 Article
4.7
CVSSv2
CVE-2013-0152
Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled.
Xen Xen 4.2.0
4.3
CVSSv2
CVE-2020-25684
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the ex...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Arista Eos
2 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »