Vulmon
virtualization vulnerabilities and exploits
696
VMScore
CVE-2022-23772
Rat.SetString in math/big in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
Debian Debian Linux 9.0
5 Github repositories
696
VMScore
CVE-2019-11477
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kern...
Linux Linux Kernel
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Analytics
7 Github repositories
1 Article
695
VMScore
CVE-2009-4031
The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel prior to 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (i...
Linux Linux Kernel 2.6.32
Linux Linux Kernel
695
VMScore
CVE-2006-2271
The ECNE chunk handling in Linux SCTP (lksctp) prior to 2.6.17 allows remote malicious users to cause a denial of service (kernel panic) via an unexpected chunk when the session is in CLOSED state.
Lksctp Lksctp 2.6.0 Test1 0.7.2
Lksctp Lksctp 2.6.2 0.9.0
Lksctp Lksctp 2.6.15 1.0.5
Lksctp Lksctp 2.6.0 Test4 0.7.3
Lksctp Lksctp 2.6.13 1.0.3
Lksctp Lksctp 2.6.16 1.0.6
Lksctp Lksctp 2.6.10 1.0.2
Lksctp Lksctp 2.6.6 1.0.1
Lksctp Lksctp 2.6.14 1.0.4
Lksctp Lksctp 2.6.3 1.0.0
695
VMScore
CVE-2006-2272
Linux SCTP (lksctp) prior to 2.6.17 allows remote malicious users to cause a denial of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2) HEARTBEAT SCTP control chunks.
Lksctp Stream Control Transmission Protocol
694
VMScore
CVE-2019-20922
Handlebars prior to 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching. The parser may be forced into an endless loop while processing crafted templates. This may allow malicious users to exhaust system resources.
Handlebarsjs Handlebars
694
VMScore
CVE-2012-0877
PyXML: Hash table collisions CPU usage Denial of Service
Python Pyxml -
Redhat Enterprise Virtualization Hypervisor -
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
694
VMScore
CVE-2019-2511
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.2.24 and before 6.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via SOAP to compromise ...
Oracle Vm Virtualbox 6.0.0
Oracle Vm Virtualbox
694
VMScore
CVE-2014-0230
Apache Tomcat 6.x prior to 6.0.44, 7.x prior to 7.0.55, and 8.x prior to 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote malicious users to cause a denial of service (thread consumption...
Apache Tomcat 7.0.2
Apache Tomcat 6.0.33
Apache Tomcat 6.0.0
Apache Tomcat 7.0.49
Apache Tomcat 6.0.39
Apache Tomcat 7.0.12
Apache Tomcat 6.0.6
Apache Tomcat 7.0.53
Apache Tomcat 6.0.4
Apache Tomcat 7.0.20
Apache Tomcat 6.0.11
Apache Tomcat 7.0.34
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.5
Apache Tomcat 7.0.4
Apache Tomcat 6.0.7
Apache Tomcat 7.0.22
Apache Tomcat 7.0.39
Apache Tomcat 7.0.26
Apache Tomcat 7.0.46
Apache Tomcat 8.0.5
1 Github repository
694
VMScore
CVE-2015-2121
HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote malicious users to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569.
Hp Network Virtualization 8.61
Hp Network Virtualization 11.52