CVE-2023-24032

In Zimbra Collaboration Suite through 9.0 and 8.8.15, an attacker who has initial user access to a Zimbra server instance can execute commands as root by passing one of JVM arguments, leading to local privilege escalation LPE...

CVE-2023-22387

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption...

CVE-2023-25765

In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller J...

CVE-2023-0197

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service...

CVE-2023-33119

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache...

CVE-2023-42443

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine EVM. In version 0.3.9 and prior, under certain conditions, the memory used by the builtins rawcall, createfromblueprint and createcopyof can be corrupted. For rawcall, the argument buffer of the call can be corrupted,...

CVE-2022-28802

Code by Zapier before 2022-08-17 allowed intra-account privilege escalation that included execution of Python or JavaScript code. In other words, Code by Zapier was providing a customer-controlled general-purpose virtual machine that unintentionally granted full access to all users of a company's...

CVE-2022-39354

SputnikVM, also called evm, is a Rust implementation of Ethereum Virtual Machine. A custom stateful precompile can use the isstatic parameter to determine if the call is executed in a static context via STATICCALL, and thus decide if stateful operations should be done. Prior to version 0.36.0, th...

CVE-2021-29511

evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...

CVE-2021-2234

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM...

CVE-2021-26988

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine SVM names, volume names,...

CVE-2021-41619

An issue was discovered in Gradle Enterprise before 2021.1.2. There is potential remote code execution via the application startup configuration. The installation configuration user interface available to administrators allows specifying arbitrary Java Virtual Machine startup options. Some of the...

CVE-2020-3959

VMware ESXi 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, VMware Workstation 15.x before 15.1.0 and VMware Fusion 11.x before 11.1.0 contain a memory leak vulnerability in the VMCI module. A malicious actor with local non-administrative access to a virtual machine may be ab...

CVE-2020-3958

VMware ESXi 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, VMware Workstation 15.x before 15.5.2 and VMware Fusion 11.x before 11.5.2 contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with...

CVE-2020-3967

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.5, and Fusion 11.x before 11.5.5 contain a heap-overflow vulnerability in the USB 2.0 controller EHCI. A malicious actor with local access to a virtual...

CVE-2019-5696

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of service...

CVE-2002-2072

java.security.AccessController in Sun Java Virtual Machine JVM in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service JVM crash via a Java program that calls the doPrivileged method with a null argument...

CVE-1999-0766

The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment...

VoteMate: a Decentralized Application for Scalable Electronic Voting on EVM-Based Blockchain

Voting is a cornerstone of democracy, allowing citizens to express their will and make collective decisions. With advancing technology, online voting is gaining popularity as it enables voting from anywhere with Internet access, eliminating the need for printed ballots or polling stations. Howeve...

The vulnerability of the Broker VM platform’s security layer, Cortex XDR, arises from improper code generation management, allowing attackers to execute arbitrary code.

The vulnerability of the Broker VM platform’s security platform, Cortex XDR, is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...