Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtual machine vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-4849
Multiple cross-site request forgery (CSRF) vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote malicious users to hijack the authentication of administrators for requests that (1) create a new user account via a save action to tvserver/user...
Toutvirtual Virtualiq 3.2
Toutvirtual Virtualiq 3.5
1 EDB exploit
NA
CVE-2024-31420
A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the vi...
NA
CVE-2024-22269
VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
2 Articles
7.2
CVSSv2
CVE-2020-16995
<p>An elevation of privilege vulnerability exists in Network Watcher Agent virtual machine extension for Linux. An attacker who successfully exploited this vulnerability could execute code with elevated privileges.</p> <p>To exploit this vulnerability, an attack...
Microsoft Network Watcher Agent -
7.2
CVSSv2
CVE-2019-16406
Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing malicious users to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron.
Centreon Centreon Web 19.04.4
1 Github repository
NA
CVE-2024-22270
VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest File Sharing (HGFS) functionality. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory...
2 Articles
7.8
CVSSv2
CVE-2007-1337
The virtual machine process (VMX) in VMware Workstation prior to 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows malicious users to cause a denial of service (virtual machine reboot) via unknown vectors.
Vmware Workstation
2.7
CVSSv2
CVE-2021-27075
Azure Virtual Machine Information Disclosure Vulnerability
Microsoft Azure Kubernetes Service -
Microsoft Azure Spring Cloud -
Microsoft Azure Container Registry -
Microsoft Azure Service Fabric -
Microsoft Azure Container Instances -
7.2
CVSSv2
CVE-2022-21833
Virtual Machine IDE Drive Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows 7 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
Microsoft Windows 11 -
Microsoft Windows Server 20h2
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
4
CVSSv2
CVE-2019-5534
VMware vCenter Server (6.7.x before 6.7 U3, 6.5 before 6.5 U3 and 6.0 before 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. A malicious acto...
Vmware Vcenter Server 6.0
Vmware Vcenter Server 6.7
Vmware Vcenter Server 6.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »