PT-2025-33809

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the vmci subsystem where uninitialized payloads can be dispatched. This occurs when the init context function fails, leading to incomplete...

Security-As-A-Function for IDS/IPS in Softwarized Network and Applications to 5G Network Systems

The service-based architecture of 5G network allows network operators to place virtualized network functions on commodity hardware, unlike the traditional vendor-specific hardware-based functionalities. However, it expands the security vulnerabilities and threats to the 5G network. While there...

Linux Distros Unpatched Vulnerability : CVE-2018-19976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the...

Linux Distros Unpatched Vulnerability : CVE-2025-38367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as...

Linux Distros Unpatched Vulnerability : CVE-2025-38366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of numcpu from user space The maximum supported cpu number is...

CVE-2025-7342

A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the Windows image build process when using the Nutanix or VMware OVA providers. These credentials, which allow root access, are disabled at the conclusion of the build. Kubernetes clusters...

CVE-2025-7342 VM images built with Kubernetes Image Builder Nutanix or OVA providers use default credentials for Windows images if user did not override

A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the Windows image build process when using the Nutanix or VMware OVA providers. These credentials, which allow root access, are disabled at the conclusion of the build. Kubernetes clusters...

CVE-2025-38551 virtio-net: fix recursived rtnl_lock() during probe()

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnllock during probe The deadlock appears in a stack trace like: virtnetprobe rtnllock virtioconfigchangedwork netdevnotifypeers rtnllock It happens if the VMM sends a VIRTIONETSANNOUNCE request while...

CVE-2025-38551

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnllock during probe The deadlock appears in a stack trace like: virtnetprobe rtnllock virtioconfigchangedwork netdevnotifypeers rtnllock It happens if the VMM sends a VIRTIONETSANNOUNCE request while...

CVE-2025-38551 virtio-net: fix recursived rtnl_lock() during probe()

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnllock during probe The deadlock appears in a stack trace like: virtnetprobe rtnllock virtioconfigchangedwork netdevnotifypeers rtnllock It happens if the VMM sends a VIRTIONETSANNOUNCE request while...

CVE-2025-2184

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have...

Linux Distros Unpatched Vulnerability : CVE-2021-3656

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided...

Linux Distros Unpatched Vulnerability : CVE-2025-37885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Reset IRTE to host control if new route isn't postable Restore an IRTE back to host control remapped or posted MSI mode if the new GSI route prevents...

Linux Distros Unpatched Vulnerability : CVE-2025-37957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f KVM: x86: forcibly leave nested mode on vCPU reset addressed an issue...

Linux Distros Unpatched Vulnerability : CVE-2018-1000026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that...

platzi-virtual-machine (=1.0.0) potentially affected by unknown CVE via pvm (=0.0.1-security)

pvm NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on pvm and may be impacted: - platzi-virtual-machine =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-30899...

Malicious code in 16bit-js-vm-model (npm)

The package 16bit-js-vm-model was found to contain malicious code...

MAL-2025-6984 Malicious code in 16bit-js-vm-model (npm)

The package 16bit-js-vm-model was found to contain malicious code...

PT-2025-37194

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description VMScape is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. The vulnerability allows a malicious virtual machin...

CVE-2025-2184

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have...