40 matches found
CVE-2025-66171
The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is enabled and have access to specific APIs can create new VMs using backups of any other user of the...
EUVD-2025-209741
The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is enabled and have access to specific APIs can create new VMs using backups of any other user of the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: moved xesvminit earlier. In xevmcloseandput, we need to be able to call xesvmfini. However, during vm creation, we can call this function on the error path, before actually initializing the svm state. This leads to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: Initialize gfntopfncache locks in dedicated helper Move the gfntopfncache lock initialization to another helper and call the new helper during VM/vCPU creation. There are race conditions possible due to the ability of...
EUVD-2025-6653
Malicious code in bioql PyPI...
CVE-2025-38309 drm/xe/vm: move xe_svm_init() earlier
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xesvminit earlier In xevmcloseandput we need to be able to call xesvmfini, however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats...
CVE-2022-50081
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2022-50081
...
CVE-2022-50081
CVE-2022-50081 is rejected and not an active vulnerability entry.
CVE-2022-49932
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...
DEBIAN-CVE-2022-49932
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...
CVE-2022-49932 KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...
CVE-2022-49932 KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...
DEBIAN-CVE-2022-49884
In the Linux kernel, the following vulnerability has been resolved: KVM: Initialize gfntopfncache locks in dedicated helper Move the gfntopfncache lock initialization to another helper and call the new helper during VM/vCPU creation. There are race conditions possible due to kvmgfntopfncacheinit'...
CVE-2022-49884 KVM: Initialize gfn_to_pfn_cache locks in dedicated helper
In the Linux kernel, the following vulnerability has been resolved: KVM: Initialize gfntopfncache locks in dedicated helper Move the gfntopfncache lock initialization to another helper and call the new helper during VM/vCPU creation. There are race conditions possible due to kvmgfntopfncacheinit'...
CVE-2022-49884 KVM: Initialize gfn_to_pfn_cache locks in dedicated helper
In the Linux kernel, the following vulnerability has been resolved: KVM: Initialize gfntopfncache locks in dedicated helper Move the gfntopfncache lock initialization to another helper and call the new helper during VM/vCPU creation. There are race conditions possible due to kvmgfntopfncacheinit'...
CVE-2025-30074
Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows privilege escalation to root via the VM creation routine...
Parallels Desktop 安全漏洞
Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. A security vulnerability exists in Parallels Desktop versions prior to 19.4.2 and 20.x prior to 20.2.2, which stems from a VM creation routine that allows privileges to be elevated to roo...
CVE-2025-30074
Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows privilege escalation to root via the VM creation routine...
Cannot Create Catalog from Azure VM with Trusted Launch Enabled
Error Attempting to create a catalog using an Azure Trusted Launch enabled image results in the following error: "CreateTerminatingError in operation PreparingMasterImage with message Error starting machine. Security type of VM is not compatible with the security type of attached OS Disk." Soluti...