Lucene search
+L

171 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 6:29 p.m.8 views

CVE-2009-3282

Integer overflow in the vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors...

7.8CVSS6.9AI score0.01819EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2025/05/14 7:15 p.m.3 views

CVE-2025-0134

A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating system running Broker VM...

6.5CVSS6.2AI score0.00404EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/10 12:0 a.m.10 views

PT-2025-16001 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Broker Vm

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR Broker VM affected versions not specified Description: A command injection issue in the Palo Alto Networks Cortex XDR Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges o...

6.8CVSS7.3AI score0.00515EPSS
Exploits0References10
Palo Alto Networks
Palo Alto Networks
added 2025/04/09 4:0 p.m.27 views

Cortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VM

A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM. Work around: There are no known workarounds or mitigations for this issue...

6.3CVSS8AI score0.00515EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:37 p.m.17 views

CVE-2022-37903

A vulnerability exists that allows an authenticated attacker to overwrite an arbitrary file with attacker-controlled content via the web interface. Successful exploitation of this vulnerability could lead to full compromise the underlying host operating system...

8.8CVSS6.7AI score0.00714EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/02 12:0 a.m.9 views

PT-2025-23571 · Qualcomm · Snapdragon

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Memory corruption may occur while attaching a virtual machine VM when the Host Operating System HLOS retains access to the VM. Recommendations: At the moment, there is no information about a...

7.8CVSS6.3AI score0.00075EPSS
Exploits0References7
hivepro
hivepro
added 2024/02/05 7:3 a.m.271 views

Leaky Vessels in Cloud Environments Shake Docker and Beyond

Summary: Four vulnerabilities, collectively termed Leaky Vessels, have been uncovered within container engine components, specifically affecting the runC command line tool. In the most severe instances, illicit entry into the underlying host operating system could result in the compromise of vita...

7.3AI score
Exploits0
NVD
NVD
added 2024/01/09 6:15 p.m.32 views

CVE-2024-0340

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

5.5CVSS5.4AI score0.00236EPSS
Exploits0References9
Prion
Prion
added 2024/01/09 6:15 p.m.29 views

Design/Logic Flaw

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

1.7CVSS6.5AI score0.00236EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/12/23 12:0 a.m.6 views

WordPress plugin Backup Migration security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.2CVSS7.4AI score0.45898EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2023/10/16 12:32 a.m.19 views

CVE-2023-40377 IBM i privilege escalation

Backup, Recovery, and Media Services BRMS for IBM i 7.2, 7.3, and 7.4 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263583...

4.9CVSS7.8AI score0.00142EPSS
Exploits0References2
OSV
OSV
added 2023/10/15 2:15 a.m.5 views

CVE-2023-40378

IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263584...

7.8CVSS5.8AI score0.00142EPSS
Exploits0References2
Prion
Prion
added 2023/10/15 2:15 a.m.17 views

Privilege escalation

IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263584...

4.3CVSS7.8AI score0.00142EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/10/15 12:0 a.m.4 views

IBM i Security Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. IBM i has a security vulnerability that stems from the inclusion of a local elevation of privilege vulnerability. A malicious actor accessing the host operating system...

7.8CVSS7.1AI score0.00142EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/03 12:0 a.m.7 views

Qualcomm Chip Input Validation Error Vulnerability

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip suffers from an input validation error vulnerability that...

7.8CVSS6.9AI score0.0011EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/02 12:0 a.m.7 views

PT-2023-24150 · Qualcomm · Snapdragon +119

Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the DSP Service during a remote call from HLOS to DSP. No information is provided about the...

8.4CVSS7AI score0.00111EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/09/28 12:0 a.m.5 views

IBM i Security Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5. An attacker exploiting this vulnerability could elevate privileges to gain root access to the...

7.8CVSS6.8AI score0.00147EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/04 12:0 a.m.9 views

PT-2023-21792 · Qualcomm · Snapdragon +184

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in WLAN when sending a transmit command from HLOS to UTF handlers. No information is provided about the estimated...

7.8CVSS7.3AI score0.0011EPSS
Exploits0References7
OSV
OSV
added 2023/05/19 7:40 p.m.28 views

CVE-2023-32679 Remote Code Execution via unrestricted file extension in Craft CMS

Craft CMS is an open source content management system. In affected versions of Craft CMS an unrestricted file extension may lead to Remote Code Execution. If the name parameter value is not empty string'' in the View.php's doesTemplateExist - resolveTemplate - resolveTemplateInternal -...

7.2CVSS7.5AI score0.01845EPSS
Exploits1References3
Prion
Prion
added 2023/04/25 9:15 p.m.22 views

Privilege escalation

VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system...

4.3CVSS8.2AI score0.00384EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder