Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vm server vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2021-22600
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
2 Github repositories
7
CVSSv3
CVE-2021-4083
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or es...
Linux Linux Kernel 5.16
Linux Linux Kernel
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
1 Github repository
7
CVSSv3
CVE-2021-44733
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel up to and including 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
1 Github repository
7
CVSSv3
CVE-2021-40490
A race condition exists in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel up to and including 5.13.13.
Linux Linux Kernel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 11.0
Netapp Aff A250 Firmware -
Netapp Fas 500f Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H610c Firmware -
Netapp H610s Firmware -
Netapp H615c Firmware -
7
CVSSv3
CVE-2020-25212
A TOCTOU mismatch in the NFS client code in the Linux kernel prior to 5.8.3 could be used by local malicious users to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.8
CVSSv3
CVE-2023-21934
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having User Account privilege with network access via TLS to compromise Java VM. Successful at...
Oracle Database 19c
Oracle Database 21c
6.8
CVSSv3
CVE-2019-2909
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java V...
Oracle Database Server 12.1.0.2
Oracle Database Server 11.2.0.4
Oracle Database Server 12.2.0.1
Oracle Database Server 18c
Oracle Database Server 19c
6.8
CVSSv3
CVE-2019-2749
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network a...
Oracle Database Server 12.1.0.2
Oracle Database Server 11.2.0.4
Oracle Database Server 12.2.0.1
Oracle Database Server 18c
Oracle Database Server 19c
6.8
CVSSv3
CVE-2016-2270
Xen 4.6.x and previous versions allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Xen Xen
Oracle Vm Server 3.4
6.7
CVSSv3
CVE-2016-4962
The libxl device-handling in Xen 4.6.x and previous versions allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
Oracle Vm Server 3.4
Oracle Vm Server 3.3
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.3.3
Xen Xen 4.3.0
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 4.4.4
Xen Xen 4.4.3
Xen Xen 4.4.0
Xen Xen 4.6.1
Xen Xen 4.5.3
Xen Xen 4.3.4
Xen Xen 4.5.1
Xen Xen 4.4.1
Xen Xen 4.3.1
Xen Xen 4.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »