Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization host vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2017-16650
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel up to and including 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
Linux Linux Kernel
7.2
CVSSv2
CVE-2015-5260
Heap-based buffer overflow in SPICE prior to 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
Redhat Enterprise Linux Server Eus 6.7.z
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Spice Project Spice
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node Eus 7.1
7.2
CVSSv2
CVE-2016-3710
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
Debian Debian Linux 8.0
Hp Helion Openstack 2.0.0
Hp Helion Openstack 2.1.0
Hp Helion Openstack 2.1.2
Hp Helion Openstack 2.1.4
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Qemu Qemu
Qemu Qemu 2.6.0
Oracle Vm Server 3.2
Oracle Vm Server 3.3
Oracle Vm Server 3.4
Oracle Linux 5
Oracle Linux 6
Oracle Linux 7
Citrix Xenserver
Redhat Openstack 5.0
Redhat Openstack 6.0
Redhat Openstack 7.0
Redhat Openstack 8
7.2
CVSSv2
CVE-2015-5279
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU prior to 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
Qemu Qemu
7.2
CVSSv2
CVE-2014-3689
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.
Qemu Qemu
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 10.04
7.2
CVSSv2
CVE-2012-3515
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space.&q...
Xen Xen 4.0.0
Xen Xen 4.1.0
Qemu Qemu
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.4
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Opensuse Opensuse 12.1
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Software Development Kit 10
Redhat Virtualization 3.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 6.3
Redhat Virtualization 6.0
Redhat Virtualization 5.0
7.2
CVSSv2
CVE-2012-0217
The x86-64 kernel system-call functionality in Xen 4.1.2 and previous versions, as used in Citrix XenServer 6.0.2 and previous versions and other products; Oracle Solaris 11 and previous versions; illumos before r13724; Joyent SmartOS prior to 20120614T184600Z; FreeBSD prior to 9...
Freebsd Freebsd
Illumos Illumos
Joyent Smartos
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.1
Xen Xen
Xen Xen 4.0.0
Xen Xen 4.0.1
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2003
Microsoft Windows Xp
Citrix Xenserver 6.0
Citrix Xenserver
Netbsd Netbsd
Sun Sunos
3 EDB exploits
3 Github repositories
1 Article
7.2
CVSSv2
CVE-2009-3638
Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel prior to 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.
Linux Linux Kernel 2.6.27.29
Linux Linux Kernel 2.6.27.12
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.6.20.9
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.23.4
Linux Linux Kernel 2.6.22.15
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.18.7
Linux Linux Kernel 2.6.17.12
Linux Linux Kernel 2.6.16.39
Linux Linux Kernel 2.6.27.3
Linux Linux Kernel 2.6.31
Linux Linux Kernel 2.6.29.3
Linux Linux Kernel 2.6.21
Linux Linux Kernel 2.6.16.9
Linux Linux Kernel 2.6.17.9
Linux Linux Kernel 2.6.11.2
Linux Linux Kernel 2.6.27.1
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.15.3
Linux Linux Kernel 2.6.27.30
7.1
CVSSv2
CVE-2021-3737
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to syst...
Python Python
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Codeready Linux Builder For Ibm Z Systems 8.0
Redhat Codeready Linux Builder For Power Little Endian 8.0
Redhat Codeready Linux Builder 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 21.04
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci -
Netapp Management Services For Element Software -
Netapp Netapp Xcp Smb -
Netapp Xcp Nfs -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
7.1
CVSSv2
CVE-2009-3722
The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel prior to 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via...
Linux Linux Kernel 2.6.27.29
Linux Linux Kernel 2.6.27.12
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.6.20.9
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.23.4
Linux Linux Kernel 2.6.22.15
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.18.7
Linux Linux Kernel 2.6.17.12
Linux Linux Kernel 2.6.16.39
Linux Linux Kernel 2.6.27.3
Linux Linux Kernel 2.6.29.3
Linux Linux Kernel 2.6.21
Linux Linux Kernel 2.6.16.9
Linux Linux Kernel 2.6.17.9
Linux Linux Kernel 2.6.11.2
Linux Linux Kernel 2.6.27.1
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.15.3
Linux Linux Kernel 2.6.27.30
Linux Linux Kernel 2.6.11.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »