Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kvm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4073
The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332.
Cisco Unified Computing System -
7.8
CVSSv3
CVE-2016-10905
An issue exists in fs/gfs2/rgrp.c in the Linux kernel prior to 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry.
Linux Linux Kernel
3.3
CVSSv3
CVE-2018-6559
The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.
Linux Linux Kernel -
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
7.8
CVSSv3
CVE-2013-4532
Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
Qemu Qemu
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2013-4535
The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU prior to 1.7.2 allows remote malicious users to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.
Qemu Qemu
Redhat Enterprise Linux Server Tus 6.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Virtualization 3.0
7.8
CVSSv3
CVE-2013-4536
An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU pro...
Qemu Qemu
7.8
CVSSv3
CVE-2018-18653
The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in co...
Canonical Ubuntu Linux 18.10
NA
CVE-2009-4031
The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel prior to 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (i...
Linux Linux Kernel 2.6.32
Linux Linux Kernel
NA
CVE-2009-3290
The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions prior to 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (...
Linux Linux Kernel
Linux Linux Kernel 2.6.25
NA
CVE-2009-3638
Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel prior to 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.
Linux Linux Kernel 2.6.27.29
Linux Linux Kernel 2.6.27.12
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.6.20.9
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.23.4
Linux Linux Kernel 2.6.22.15
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.18.7
Linux Linux Kernel 2.6.17.12
Linux Linux Kernel 2.6.16.39
Linux Linux Kernel 2.6.27.3
Linux Linux Kernel 2.6.31
Linux Linux Kernel 2.6.29.3
Linux Linux Kernel 2.6.21
Linux Linux Kernel 2.6.16.9
Linux Linux Kernel 2.6.17.9
Linux Linux Kernel 2.6.11.2
Linux Linux Kernel 2.6.27.1
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.15.3
Linux Linux Kernel 2.6.27.30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »