Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtual machine vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv2
CVE-2021-26443
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows Server 2016 2004
Microsoft Windows Server 2016 20h2
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
Microsoft Windows Server 2022 -
Microsoft Windows 11 -
NA
CVE-2023-34057
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine.
Vmware Tools
6.8
CVSSv2
CVE-2009-4849
Multiple cross-site request forgery (CSRF) vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote malicious users to hijack the authentication of administrators for requests that (1) create a new user account via a save action to tvserver/user...
Toutvirtual Virtualiq 3.2
Toutvirtual Virtualiq 3.5
1 EDB exploit
NA
CVE-2024-31420
A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the vi...
7.2
CVSSv2
CVE-2020-16995
<p>An elevation of privilege vulnerability exists in Network Watcher Agent virtual machine extension for Linux. An attacker who successfully exploited this vulnerability could execute code with elevated privileges.</p> <p>To exploit this vulnerability, an attack...
Microsoft Network Watcher Agent -
7.2
CVSSv2
CVE-2019-16406
Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing malicious users to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron.
Centreon Centreon Web 19.04.4
1 Github repository
7.8
CVSSv2
CVE-2007-1337
The virtual machine process (VMX) in VMware Workstation prior to 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows malicious users to cause a denial of service (virtual machine reboot) via unknown vectors.
Vmware Workstation
2.7
CVSSv2
CVE-2021-27075
Azure Virtual Machine Information Disclosure Vulnerability
Microsoft Azure Kubernetes Service -
Microsoft Azure Spring Cloud -
Microsoft Azure Container Registry -
Microsoft Azure Service Fabric -
Microsoft Azure Container Instances -
5
CVSSv2
CVE-2013-5531
Cisco Identity Services Engine (ISE) 1.x prior to 1.1.1 allows remote malicious users to bypass authentication, and read support-bundle configuration and credentials data, via a crafted session on TCP port 443, aka Bug ID CSCty20405.
Cisco Identity Services Engine Software 1.1
Cisco Identity Services Engine Software 1.0
7.2
CVSSv2
CVE-2022-21833
Virtual Machine IDE Drive Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows 7 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
Microsoft Windows 11 -
Microsoft Windows Server 20h2
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »