Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2017-9214
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
Openvswitch Openvswitch 2.7.0
Debian Debian Linux 9.0
Redhat Openstack 6.0
Redhat Openstack 7.0
Redhat Openstack 8
Redhat Openstack 9
Redhat Openstack 10
Redhat Openstack 11
Redhat Virtualization 4.1
Redhat Virtualization Manager 4.1
Redhat Virtualization 4.0
668
VMScore
CVE-2015-4727
Unspecified vulnerability in Oracle Virtualization Sun Ray Software prior to 5.4.4 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Web Console.
Oracle Virtualization Sun Ray
668
VMScore
CVE-2013-3779
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 before 4.71 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Web UI.
Oracle Vm Virtualbox 4.61
Oracle Vm Virtualbox 4.62
Oracle Virtualization 4.7
Oracle Vm Virtualbox 4.6
Oracle Virtualization 4.62
Oracle Virtualization 4.63
Oracle Virtualization 4.6
Oracle Virtualization 4.61
Oracle Vm Virtualbox 4.63
Oracle Vm Virtualbox 4.7
668
VMScore
CVE-2006-1856
Certain modifications to the Linux kernel 2.6.16 and previous versions do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow malicious users to bypass intended access restrictions.
Linux Linux Kernel 2.6.0
Linux Linux Kernel 2.6.11.11
Linux Linux Kernel 2.6.11.12
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.12.1
Linux Linux Kernel 2.6.12.2
Linux Linux Kernel 2.6.12
Linux Linux Kernel 2.6.13
Linux Linux Kernel 2.6.14
Linux Linux Kernel 2.6.15.5
Linux Linux Kernel 2.6.15
Linux Linux Kernel 2.6.6
Linux Linux Kernel 2.6 Test9 Cvs
Linux Linux Kernel 2.6.1
Linux Linux Kernel 2.6.11.5
Linux Linux Kernel 2.6.11.6
Linux Linux Kernel 2.6.12.3
Linux Linux Kernel 2.6.12.4
Linux Linux Kernel 2.6.13.1
Linux Linux Kernel 2.6.13.2
Linux Linux Kernel 2.6.14.1
Linux Linux Kernel 2.6.16
665
VMScore
CVE-2013-4679
Symantec Workspace Virtualization prior to 6.x prior to 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system.
Symantec Workspace Virtualization
1 EDB exploit
659
VMScore
CVE-2010-0430
libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) prior to 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memo...
Redhat Enterprise Virtualization Hypervisor
659
VMScore
CVE-2011-1751
The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arb...
Qemu Qemu 1.0
Qemu Qemu 0.12.2
Qemu Qemu 0.12.0
Qemu Qemu 1.1
Qemu Qemu 0.1.6
Qemu Qemu 0.13.0
Qemu Qemu 0.5.3
Qemu Qemu 0.4.2
Qemu Qemu 0.10.3
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.1.5
Qemu Qemu 0.5.1
Qemu Qemu 0.8.2
Qemu Qemu 0.11.0
Qemu Qemu 0.5.5
Qemu Qemu 0.10.1
Qemu Qemu 0.9.0
Qemu Qemu 0.7.2
Qemu Qemu 0.12.5
Qemu Qemu 0.1.3
Qemu Qemu 0.14.0
Qemu Qemu 0.11.1
1 Article
659
VMScore
CVE-2011-2212
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and previous versions allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
Qemu Qemu 0.12.2
Qemu Qemu 0.12.0
Qemu Qemu 0.1.6
Qemu Qemu 0.13.0
Qemu Qemu 0.5.3
Qemu Qemu 0.4.2
Qemu Qemu 0.10.3
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.1.5
Qemu Qemu 0.5.1
Qemu Qemu 0.8.2
Qemu Qemu 0.11.0
Qemu Qemu 0.5.5
Qemu Qemu 0.10.1
Qemu Qemu 0.9.0
Qemu Qemu 0.7.2
Qemu Qemu 0.12.5
Qemu Qemu 0.1.3
Qemu Qemu 0.14.0
Qemu Qemu 0.11.1
Qemu Qemu 0.7.1
Qemu Qemu 0.9.1-5
659
VMScore
CVE-2012-0029
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets.
Kvm Group Qemu-kvm 0.12
655
VMScore
CVE-2021-3560
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local malicious user to, for example, create a new local administrator. The hi...
Polkit Project Polkit
Debian Debian Linux 11.0
Canonical Ubuntu Linux 20.04
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Redhat Openshift Container Platform 4.7
48 Github repositories
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »