Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization vulnerabilities and exploits
(subscribe to this query)
776
VMScore
CVE-2015-3456
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and previous versions and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_...
Qemu Qemu
Redhat Openstack 4.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openstack 5.0
Redhat Openstack 7.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
Xen Xen 4.5.0
Redhat Openstack 6.0
1 EDB exploit
5 Github repositories
3 Articles
756
VMScore
CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Resilient Storage 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Gluster Storage 3.0
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Openstack 13
1 Github repository
756
VMScore
CVE-2020-14352
A flaw was found in librepo in versions prior to 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on th...
Redhat Librepo
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
756
VMScore
CVE-2014-2625
Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote malicious users to read arbitrary files via crafted input, aka ZDI-CAN-2023.
Hp Network Virtualization 8.6
736
VMScore
CVE-2012-0217
The x86-64 kernel system-call functionality in Xen 4.1.2 and previous versions, as used in Citrix XenServer 6.0.2 and previous versions and other products; Oracle Solaris 11 and previous versions; illumos before r13724; Joyent SmartOS prior to 20120614T184600Z; FreeBSD prior to 9...
Freebsd Freebsd
Illumos Illumos
Joyent Smartos
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.1
Xen Xen
Xen Xen 4.0.0
Xen Xen 4.0.1
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2003
Microsoft Windows Xp
Citrix Xenserver 6.0
Citrix Xenserver
Netbsd Netbsd
Sun Sunos
3 EDB exploits
3 Github repositories
1 Article
725
VMScore
CVE-2021-4034
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle ...
Polkit Project Polkit
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
279 Github repositories
1 Article
725
VMScore
CVE-2016-3643
SolarWinds Virtualization Manager 6.3.1 and previous versions allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
Solarwinds Virtualization Manager
1 EDB exploit
713
VMScore
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow malicious users to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack va...
Python Python
Netapp Snapcenter -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
2 Github repositories
704
VMScore
CVE-2010-4263
The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel prior to 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote malicious use...
Linux Linux Kernel
Vmware Esx 3.5
Vmware Esxi 4.1
Vmware Esxi 4.0
Vmware Esxi 3.5
Vmware Esx 4.1
Vmware Esxi 5.0
Vmware Esx 4.0
Vmware Esx 3.0.0
Vmware Esx 3.0.2
Vmware Esx 3.0.1
Vmware Esx 3.0.3
703
VMScore
CVE-2021-3752
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from thi...
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux For Real Time 7
Redhat Enterprise Linux For Real Time For Nfv 7
Redhat Virtualization Host 4.0
Redhat Enterprise Linux 8.0
Redhat 3scale 2.0
Fedoraproject Fedora 34
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »