171 matches found
CVE-2009-3282
Integer overflow in the vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors...
CVE-2025-0134
A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating system running Broker VM...
PT-2025-16001 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Broker Vm
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR Broker VM affected versions not specified Description: A command injection issue in the Palo Alto Networks Cortex XDR Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges o...
Cortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VM
A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM. Work around: There are no known workarounds or mitigations for this issue...
CVE-2022-37903
A vulnerability exists that allows an authenticated attacker to overwrite an arbitrary file with attacker-controlled content via the web interface. Successful exploitation of this vulnerability could lead to full compromise the underlying host operating system...
PT-2025-23571 · Qualcomm · Snapdragon
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Memory corruption may occur while attaching a virtual machine VM when the Host Operating System HLOS retains access to the VM. Recommendations: At the moment, there is no information about a...
Leaky Vessels in Cloud Environments Shake Docker and Beyond
Summary: Four vulnerabilities, collectively termed Leaky Vessels, have been uncovered within container engine components, specifically affecting the runC command line tool. In the most severe instances, illicit entry into the underlying host operating system could result in the compromise of vita...
CVE-2024-0340
A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...
Design/Logic Flaw
A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...
WordPress plugin Backup Migration security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-40377 IBM i privilege escalation
Backup, Recovery, and Media Services BRMS for IBM i 7.2, 7.3, and 7.4 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263583...
CVE-2023-40378
IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263584...
Privilege escalation
IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263584...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. IBM i has a security vulnerability that stems from the inclusion of a local elevation of privilege vulnerability. A malicious actor accessing the host operating system...
Qualcomm Chip Input Validation Error Vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip suffers from an input validation error vulnerability that...
PT-2023-24150 · Qualcomm · Snapdragon +119
Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the DSP Service during a remote call from HLOS to DSP. No information is provided about the...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5. An attacker exploiting this vulnerability could elevate privileges to gain root access to the...
PT-2023-21792 · Qualcomm · Snapdragon +184
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in WLAN when sending a transmit command from HLOS to UTF handlers. No information is provided about the estimated...
CVE-2023-32679 Remote Code Execution via unrestricted file extension in Craft CMS
Craft CMS is an open source content management system. In affected versions of Craft CMS an unrestricted file extension may lead to Remote Code Execution. If the name parameter value is not empty string'' in the View.php's doesTemplateExist - resolveTemplate - resolveTemplateInternal -...
Privilege escalation
VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system...