MiracleLinux 4 : qemu-kvm-0.12.1.2-2.355.AXS4.2 (AXSA:2013-198:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-198:02 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002282)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002282 advisory. Buffer overflow in the completeemulatedmmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000560)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000560 advisory. Buffer overflow in the completeemulatedmmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the...

Oracle VirtualBox VMSVGA Integer Underflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VMSVGA...

EUVD-2019-15093

Malware in sbrugna...

GHSA-JQQ4-C7WQ-36H7 risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`

Arbitrary code execution in guest via memory safety failure in sysread In affected versions of risc0-zkvm-platform, when the zkVM guest calls sysread, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute...

PT-2025-40308

Name of the Vulnerable Software and Affected Versions risc0-zkvm-platform versions 2.0.2 and below risc0-aggregation versions below 0.9 risc0-zkos-v1compat versions below 2.1.0 risc0-zkvm versions 3.0.0-rc.1 through 3.0.1 Description The software contains a flaw related to memory safety in the sy...

CVE-2023-27326

Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest...

DEBIAN-CVE-2024-3446

A double free vulnerability was found in QEMU virtio devices virtio-gpu, virtio-serial-bus, virtio-crypto, where the memreentrancyguard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host,...

SUSE CVE-2020-12967

The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor...

PT-2022-4357 · Lib9P +1 · Lib9P +1

Name of the Vulnerable Software and Affected Versions: lib9p affected versions not specified Description: The issue is related to the handling of RWALK messages in lib9p, where a missing bounds check allows a specially crafted message to cause lib9p to overwrite unrelated memory. This could...

CVE-2021-34869

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2021-34864

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Vulnerabilities fixed in Citrix Hypervisor

Citrix has fixed vulnerabilities in Hypervisor. The vulnerabilities allow a malicious person with the right to execute code execute code in the guest be able to obtain system data, appropriate assign privileges on the host or cause a denial-of-service cause a Denial-of-Service on the host. Citrix...

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values which trigger an out-of-bounds write.

...

CVE-2018-6974

VMware ESXi 6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG, Workstation 14.x before 14.1.3 and Fusion 10.x before 10.1.3 contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host...

CVE-2018-6973

VMware Workstation 14.x before 14.1.3 and Fusion 10.x before 10.1.3 contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host...

CVE-2017-4949

VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to execute code on the host. Note: IPv6 mode for VMNAT is not enabled by default...

VMware Fusion Memory Corruption Vulnerability (VMSA-2017-0005) - Mac OS X

VMware Fusion is prone to a memory corruption vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:fusion";...

CVE-2017-4901

The drag-and-drop DnD function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion...