4438 matches found
UBUNTU-CVE-2023-46842
Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hypercalls takes a...
kernel: untrusted VMM can trigger int80 syscall handling
A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...
CVE-2024-22270
VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest File Sharing HGFS functionality. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual...
CVE-2024-22269
VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine...
CVE-2024-22269
VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine...
CVE-2024-22268
VMware Workstation and Fusion contain a heap buffer-overflow vulnerability in the Shader functionality. A malicious actor with non-administrative access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to create a denial of service condition...
CVE-2024-22270
VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest File Sharing HGFS functionality. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual...
CVE-2024-22270
VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest File Sharing HGFS functionality. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual...
CVE-2024-22269
VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine...
CVE-2024-22269
VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine...
CVE-2024-22267
CVE-2024-22267 affects VMware Workstation and Fusion. A use-after-free in the vbluetooth device can allow a malicious actor with local privileges inside a VM to execute code in the host VMX process. The issue is documented with high/severe impact (confidentiality/integrity/availability at risk). ...
CVE-2024-22267
VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...
RHEL 6 : spice (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spice: multiple buffer overflow vulnerabilities in QUIC decoding code CVE-2020-14355 - An issue was...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when loading a VM from an inconsistent signed VM image in the processor cache...
PT-2024-12420 · Qualcomm · Snapdragon +141
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs while loading a VM from a signed VM image that is not coherent in the processor cache. This is a...
SUSE CVE-2024-26953
In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from pagepool When the skb is reorganized during espoutput !esp-inline, the pages coming from the original skb fragments are supposed to be released back to the system through putpage. But if t...
SUSE CVE-2024-26976
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...
Corel Parallels Desktop 安全漏洞
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Canada's Corel Digital Technology Corel. A security vulnerability exists in Corel Parallels Desktop that stems from a specific flaw in the virtio-gpu virtual appliance that lacks proper validation of...
Corel Parallels Desktop 安全漏洞
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Canada's Corel Digital Technology Corel. A security vulnerability exists in Corel Parallels Desktop Service that stems from an XML injection vulnerability in the Toolgate component...
Corel Parallels Desktop 安全漏洞
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Canada's Corel Digital Technology Corel. A security vulnerability exists in Corel Parallels Desktop that stems from a specific flaw in the updater service that can be abused to move arbitrary files by...