Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization host vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-25685
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is c...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Arista Eos
2 Github repositories
1 Article
4.3
CVSSv2
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 ...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Arista Eos
2 Github repositories
1 Article
4.7
CVSSv2
CVE-2013-0152
Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled.
Xen Xen 4.2.0
NA
CVE-2022-36648
The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and previous versions, allows remote malicious users to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This ...
Qemu Qemu
5.7
CVSSv2
CVE-2013-4551
Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction ...
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.1
Xen Xen 4.2.2
7.2
CVSSv2
CVE-2020-7467
In FreeBSD 12.2-STABLE before r365767, 11.4-STABLE before r365769, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and gue...
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
Freebsd Freebsd 12.2
2.1
CVSSv2
CVE-2012-2669
The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel prior to 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.
Linux Linux Kernel 3.4.3
Linux Linux Kernel
Linux Linux Kernel 3.4.2
Linux Linux Kernel 3.4.1
1.9
CVSSv2
CVE-2009-3556
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class...
Linux Linux Kernel 2.6.18
Redhat Enterprise Linux 5
4.6
CVSSv2
CVE-2013-0151
The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging...
Xen Xen 4.2.0
Xen Xen 4.2.1
4.4
CVSSv2
CVE-2020-14364
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions prior to 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out r...
Qemu Qemu
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openstack 10
Redhat Enterprise Linux 8.0
Redhat Openstack 13
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »