Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2020-14316
A flaw was found in kubevirt 0.29 and previous versions. Virtual Machine Instances (VMIs) can be used to gain access to the host's filesystem. Successful exploitation allows an malicious user to assume the privileges of the VM process on the host system. In worst-case scenar...
Kubevirt Kubevirt
Redhat Openshift Virtualization 1
6.5
CVSSv3
CVE-2020-35497
A flaw was found in ovirt-engine 4.4.3 and previous versions allowing an authenticated user to read other users' personal information, including name, email and public SSH key.
Ovirt Ovirt-engine
Redhat Virtualization 4.0
5.3
CVSSv3
CVE-2020-10775
An Open redirect vulnerability was found in ovirt-engine versions 4.4 and previous versions, where it allows remote malicious users to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical p...
Oracle Virtualization 4.0
Redhat Ovirt-engine
6.5
CVSSv3
CVE-2015-1780
oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center
Redhat Virtualization 3.0
Redhat Ovirt-engine -
7.8
CVSSv3
CVE-2021-3560
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local malicious user to, for example, create a new local administrator. The hi...
Polkit Project Polkit
Debian Debian Linux 11.0
Canonical Ubuntu Linux 20.04
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Redhat Openshift Container Platform 4.7
48 Github repositories
1 Article
NA
CVE-2015-4186
The diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience (aka VXC) Client 6215 devices with firmware 11.2(27.4) allows local users to gain privileges for OS command execution via a crafted option value, aka Bug ID CSCug54412.
Cisco Virtualization Experience Client 6000 Series Firmware 11.2(27.4)
7
CVSSv3
CVE-2020-1742
An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Versions before kubernetes-nmstate-handler-container-v2....
Nmstate Kubernetes-nmstate
Redhat Openshift Virtualization 2
NA
CVE-2012-0105
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Guest Additions.
Oracle Vm Virtualbox 4.1
Oracle Virtualization 4.1
NA
CVE-2012-0111
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality and integrity via unknown vectors related to Shared Folders.
Oracle Vm Virtualbox 4.1
Oracle Virtualization 4.1
NA
CVE-2013-3393
The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote malicious users to cause a denial of service (process crash and call disconnection) via crafted RTP packets, aka Bug IDs CSCuh60706 and CSCue21117.
Cisco Jabber -
Cisco Virtualization Experience Media Engine -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »