1732 matches found
Malicious Package
Overview @cloudplatform-single-spa/vcenter-virtual-machines is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...
Formal Verification of Secure Encrypted Virtualization
Trusted execution environments TEEs provide a secure environment for data and code in use, ensuring that they are protected with respect to confidentiality and integrity. Virtual machine VM-based TEEs utilize virtualization technology to create isolated execution spaces that can support a complet...
NICE: A Framework for Declarative and Machine-Checkable Vulnerability Reproduction
Reproducing software vulnerabilities is fundamental to security researchers, open-source maintainers, and educators. Yet, vulnerabilities remain hard to reproduce today, and even when they can be reproduced, recreating a software environment where the vulnerability can be exploited becomes harder...
CVE-2025-35979
A flaw was found in the kernel. This vulnerability, affecting some IntelR Processors, involves shared microarchitectural predictor state that influences transient execution within VMX non-root guest operation. An unprivileged software adversary with an authenticated user can exploit this locally ...
[SECURITY] Fedora 44 Update: xen-4.21.1-3.fc44
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 43 Update: xen-4.20.3-3.fc43
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 43 Update: rust-coreos-installer-0.26.0-2.fc43
coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal machines or, occasionally, to virtual machines...
[SECURITY] Fedora 44 Update: rust-coreos-installer-0.26.0-2.fc44
coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal machines or, occasionally, to virtual machines...
Do You Dare to Try Test-Driven Forensics? Increasing Trust in Desktop Forensics with ADARE
Digital forensic relies on validated tools and established procedures, yet the underlying operating systems, applications, and analysis tools evolve rapidly. This evolution can cause artifact behavior and tool outputs to drift, silently degrading repeatability and confidence in long-lived forensi...
ROS-20260524-73-0006
A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track the decryption status in vmbusgpadl. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the shared memory being...
Moderate: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2026:18465 Important: edk2 security update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: EDK2: Improper Input Validation allows arbitrary command execution CVE-2025-2296 For more details about the security...
AMD多款产品 安全漏洞
The AMD Instinct MI210, among others, are GPU acceleration cards produced by American semiconductor company AMD. Several AMD products have security vulnerabilities. These vulnerabilities stem from improper cleanup of shared register resources, which may allow attackers with administrator privileg...
[SECURITY] Fedora 42 Update: xen-4.19.5-2.fc42
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
CVE-2026-25199 Apache CloudStack: Proxmox Extension Allows Unauthorized Cross-Tenant Instance Access
Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxmox extension for CloudStack improperly uses a user-editable instance setting, proxmoxvmid, to associate...
CVE-2025-66171 Apache CloudStack: Any user can create a new VM from backups they should not have access to
The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is enabled and have access to specific APIs can create new VMs using backups of any other user of the...
Apache CloudStack 信息泄露漏洞
Apache CloudStack is an IaaS cloud computing platform developed by the Apache Foundation in the United States. This platform is primarily used for deploying and managing large-scale virtual machine networks. Versions 4.21.0.0 to 4.22.0.0 of Apache CloudStack contained a vulnerability related to...
Apache CloudStack 安全漏洞
Apache CloudStack is an IaaS cloud computing platform developed by the Apache Foundation in the United States. This platform is primarily used for deploying and managing large-scale virtual machine networks. Versions 4.21.0.0 and 4.22.0.0 of Apache CloudStack contain security vulnerabilities. The...
Apache CloudStack 安全漏洞
Apache CloudStack is an IaaS cloud computing platform developed by the Apache Foundation in the United States. This platform is primarily used for deploying and managing large-scale virtual machine networks. Versions 4.21.0.0 and 4.22.0.0 of Apache CloudStack contain security vulnerabilities. The...