Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtual machine vulnerabilities and exploits
(subscribe to this query)
188
VMScore
CVE-2015-2877
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 up to and including 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NO...
Linux Linux Kernel
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
764
VMScore
CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core....
Oracle Virtual Desktop Infrastructure
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.2.0.0
Oracle Storagetek Tape Analytics Sw Tool 2.3
2 EDB exploits
13 Github repositories
436
VMScore
CVE-2020-36322
An issue exists in the FUSE filesystem implementation in the Linux kernel prior to 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its inc...
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Starwindsoftware Starwind Virtual San 8
1 Github repository
801
VMScore
CVE-2018-0238
A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote malicious user to view unauthorized information for any virtual machine in the UCS Director end-user portal and perform any ...
Cisco Unified Computing System Director 6.5\\(0.1\\)
Cisco Unified Computing System Director 6.5\\(0.0\\)
1 Article
700
VMScore
CVE-2014-0983
Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x up to and including 4.2.20 and 4.3.x prior to 4.3.8, when using 3D Acceleration, allow local guest OS users to exec...
Oracle Vm Virtualbox 4.3.0
Oracle Vm Virtualbox 4.2.16
Oracle Vm Virtualbox 4.2.10
Oracle Vm Virtualbox 4.2.12
Oracle Vm Virtualbox 4.2.14
Oracle Vm Virtualbox 4.2.8
Oracle Vm Virtualbox 4.3.2
Oracle Vm Virtualbox 4.3.4
Oracle Vm Virtualbox 4.2.2
Oracle Vm Virtualbox 4.2.20
Oracle Vm Virtualbox 4.3.6
Oracle Vm Virtualbox 4.2.0
Oracle Vm Virtualbox 4.2.4
Oracle Vm Virtualbox 4.2.6
Oracle Vm Virtualbox 4.2.18
2 EDB exploits
570
VMScore
CVE-2021-4024
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is op...
Podman Project Podman
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
642
VMScore
CVE-2020-3947
VMware Workstation (15.x prior to 15.5.2) and Fusion (11.x prior to 11.5.2) contain a use-after vulnerability in vmnetdhcp. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow malicious users to create a denial-of-service condi...
Vmware Fusion
Vmware Workstation
2 Github repositories
1 Article
801
VMScore
CVE-2017-12249
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote malicious user to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerab...
Cisco Meeting Server 2.2.4
Cisco Meeting Server 2.1.2
Cisco Meeting Server 2.2.0
Cisco Meeting Server 2.2.2
Cisco Meeting Server 2.1.6
Cisco Meeting Server 2.1.8
Cisco Meeting Server 2.1.3
Cisco Meeting Server 2.1.4
Cisco Meeting Server 2.2.5
Cisco Meeting Server 2.1.9
Cisco Meeting Server 2.1.10
Cisco Meeting Server 2.1.1
Cisco Meeting Server 2.1.0
Cisco Meeting Server
Cisco Meeting Server 2.2.1
Cisco Meeting Server 2.2.3
Cisco Meeting Server 2.1.5
Cisco Meeting Server 2.1.7
531
VMScore
CVE-2018-15473
OpenSSH up to and including 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
Openbsd Openssh
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
Netapp Data Ontap Edge -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Clustered Data Ontap -
Netapp Service Processor -
Netapp Data Ontap -
Netapp Fas Baseboard Management Controller -
Netapp Aff Baseboard Management Controller -
2 EDB exploits
70 Github repositories
1 Article
668
VMScore
CVE-2019-1710
A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote malicious user to access internal applications running on the sysadmin VM. The vulnerability is d...
Cisco Ios Xr
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »