Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtual machine vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2015-2877
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 up to and including 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NO...
Linux Linux Kernel
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
9.8
CVSSv3
CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core....
Oracle Virtual Desktop Infrastructure
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.2.0.0
Oracle Storagetek Tape Analytics Sw Tool 2.3
2 EDB exploits
13 Github repositories
5.5
CVSSv3
CVE-2020-36322
An issue exists in the FUSE filesystem implementation in the Linux kernel prior to 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its inc...
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Starwindsoftware Starwind Virtual San 8
1 Github repository
9.9
CVSSv3
CVE-2018-0238
A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote malicious user to view unauthorized information for any virtual machine in the UCS Director end-user portal and perform any ...
Cisco Unified Computing System Director 6.5\\(0.1\\)
Cisco Unified Computing System Director 6.5\\(0.0\\)
1 Article
NA
CVE-2014-0983
Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x up to and including 4.2.20 and 4.3.x prior to 4.3.8, when using 3D Acceleration, allow local guest OS users to exec...
Oracle Vm Virtualbox 4.3.0
Oracle Vm Virtualbox 4.2.16
Oracle Vm Virtualbox 4.2.10
Oracle Vm Virtualbox 4.2.12
Oracle Vm Virtualbox 4.2.14
Oracle Vm Virtualbox 4.2.8
Oracle Vm Virtualbox 4.3.2
Oracle Vm Virtualbox 4.3.4
Oracle Vm Virtualbox 4.2.2
Oracle Vm Virtualbox 4.2.20
Oracle Vm Virtualbox 4.3.6
Oracle Vm Virtualbox 4.2.0
Oracle Vm Virtualbox 4.2.4
Oracle Vm Virtualbox 4.2.6
Oracle Vm Virtualbox 4.2.18
2 EDB exploits
6.5
CVSSv3
CVE-2021-4024
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is op...
Podman Project Podman
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
8.8
CVSSv3
CVE-2020-3947
VMware Workstation (15.x prior to 15.5.2) and Fusion (11.x prior to 11.5.2) contain a use-after vulnerability in vmnetdhcp. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow malicious users to create a denial-of-service condi...
Vmware Fusion
Vmware Workstation
2 Github repositories
1 Article
9.1
CVSSv3
CVE-2017-12249
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote malicious user to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerab...
Cisco Meeting Server 2.2.4
Cisco Meeting Server 2.1.2
Cisco Meeting Server 2.2.0
Cisco Meeting Server 2.2.2
Cisco Meeting Server 2.1.6
Cisco Meeting Server 2.1.8
Cisco Meeting Server 2.1.3
Cisco Meeting Server 2.1.4
Cisco Meeting Server 2.2.5
Cisco Meeting Server 2.1.9
Cisco Meeting Server 2.1.10
Cisco Meeting Server 2.1.1
Cisco Meeting Server 2.1.0
Cisco Meeting Server
Cisco Meeting Server 2.2.1
Cisco Meeting Server 2.2.3
Cisco Meeting Server 2.1.5
Cisco Meeting Server 2.1.7
5.3
CVSSv3
CVE-2018-15473
OpenSSH up to and including 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
Openbsd Openssh
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
Netapp Data Ontap Edge -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Clustered Data Ontap -
Netapp Service Processor -
Netapp Data Ontap -
Netapp Fas Baseboard Management Controller -
Netapp Aff Baseboard Management Controller -
2 EDB exploits
70 Github repositories
1 Article
9.8
CVSSv3
CVE-2019-1710
A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote malicious user to access internal applications running on the sysadmin VM. The vulnerability is d...
Cisco Ios Xr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »