Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtual machine vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-7488
Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root.
Teradata Virtual Machine 15.10
9.8
CVSSv3
CVE-2016-7489
Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution.
Teradata Virtual Machine 15.10
NA
CVE-1999-0766
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
Microsoft Java Virtual Machine
NA
CVE-2014-2208
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 2.4.2 allows remote malicious users to execute arbitrary commands by entering a \n (newline) character before the end of a st...
Facebook Hiphop Virtual Machine
NA
CVE-2014-9714
Cross-site scripting (XSS) vulnerability in the WddxPacket::recursiveAddVar function in HHVM (aka the HipHop Virtual Machine) prior to 3.5.0 allows remote malicious users to inject arbitrary web script or HTML via a crafted string to the wddx_serialize_value function.
Facebook Hiphop Virtual Machine
NA
CVE-2014-6229
The HashContext class in hphp/runtime/ext/ext_hash.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 3.3.0 incorrectly expects that a certain key string uses '\0' for termination, which allows remote malicious users to obtain sensitive information by leveraging rea...
Facebook Hiphop Virtual Machine
NA
CVE-2014-5386
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 3.3.0 does not seed the random number generator, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by leveraging...
Facebook Hiphop Virtual Machine
NA
CVE-2014-2209
Facebook HipHop Virtual Machine (HHVM) prior to 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote malicious users to bypass intended access restrictions by leveraging group permissions for a fil...
Facebook Hiphop Virtual Machine
NA
CVE-2002-1288
The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call.
Microsoft Java Virtual Machine 1.1
NA
CVE-2002-1291
The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL.
Microsoft Java Virtual Machine 1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »