Lucene search
K

1799 matches found

SUSE CVE
SUSE CVE
added 2025/11/19 12:35 a.m.4 views

SUSE CVE-2025-13193

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...

5.5CVSS6AI score0.00107EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2025/11/17 10:59 p.m.2 views

CVE-2025-64434

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, due to the peer verification logic in virt-handler via verifyPeerCert, an attacker who compromises a virt-handler instance, could exploit these shared credentials to impersonate virt-api and execute privileg...

6.5CVSS6.9AI score0.00181EPSS
Exploits1References7
EUVD
EUVD
added 2025/11/17 6:30 p.m.3 views

EUVD-2025-197850

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...

5.5CVSS5.4AI score0.00107EPSS
Exploits0References3
OSV
OSV
added 2025/11/17 5:15 p.m.6 views

UBUNTU-CVE-2025-13193

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/11/17 5:3 p.m.3 views

CVE-2025-13193

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...

5.5CVSS8.1AI score0.00107EPSS
Exploits0
Cvelist
Cvelist
added 2025/11/17 5:3 p.m.9 views

CVE-2025-13193 Libvirt: information disclosure via world-readable vm snapshots

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...

5.5CVSS0.00107EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/17 5:3 p.m.3 views

CVE-2025-13193 Libvirt: information disclosure via world-readable vm snapshots

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...

5.5CVSS5.5AI score0.00107EPSS
Exploits0References2
CVE
CVE
added 2025/11/17 5:3 p.m.553 views

CVE-2025-13193

Affects libvirt-based virtualization. CVE-2025-13193 causes external inactive snapshots for shut-down VMs to be world-readable, enabling information disclosure by unprivileged users. Public sources (Unity Linux UTSA-2025-993329; openSUSE openSUSE-SU-2025-20100-1; SUSE SUSE-SU-2026:0279-1) describ...

5.5CVSS5.6AI score0.00107EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/11/10 12:51 p.m.18 views

⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More

Cyber threats didn't slow down last week—and attackers are getting smarter. We're seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that's just the surface. From sleeper logic bombs to a fresh alliance...

9.9CVSS7.3AI score0.95151EPSS
Exploits43
Fedora
Fedora
added 2025/11/09 3:19 a.m.7 views

[SECURITY] Fedora 42 Update: xen-4.19.3-8.fc42

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

7.5CVSS7AI score0.00396EPSS
Exploits0
Snyk
Snyk
added 2025/11/07 11:46 p.m.2 views

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to excessive permissions granted to the virt-handler service account. An attacker can initiate unauthorized migrations of virtual machine instances to attacker-controlled nodes or mark all nodes as...

6.9CVSS5.5AI score0.00254EPSS
Exploits1References2
Fedora
Fedora
added 2025/11/07 2:36 a.m.10 views

[SECURITY] Fedora 41 Update: xen-4.19.3-7.fc41

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

7.5CVSS6.6AI score0.00396EPSS
Exploits0
Fedora
Fedora
added 2025/10/28 12:59 a.m.4 views

[SECURITY] Fedora 43 Update: xen-4.20.1-8.fc43

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

7.5CVSS7AI score0.00396EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/10/26 12:25 p.m.207 views

Exploit for CVE-2025-62376

Improper Authentication in pwn.college DOJO Education Platform...

9.5CVSS6.7AI score0.00566EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/10/16 9:51 a.m.237 views

Exploit for CVE-2025-62376

CVE-2025-62376: Local Privilege Escalation Exploit for Sudo...

9.5CVSS6.8AI score0.00566EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/10/16 9:50 a.m.18 views

CVE-2025-62376

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

9.5CVSS6.9AI score0.00566EPSS
Exploits2References1
Virtuozzo
Virtuozzo
added 2025/10/14 12:0 a.m.18 views

Virtuozzo Hybrid Infrastructure 6.2 Update 1 Hotfix 7 (6.2.1-97)

This update provides stability fixes and support for cumulative updates. Clusters running version 6.2.1 or later can now upgrade directly to the latest available version in a single step. Vulnerability id: VSTOR-91715 Failed to retry updating the kernel. Vulnerability id: VSTOR-93149, VSTOR-10082...

6.9AI score
Exploits0
NVD
NVD
added 2025/10/13 9:15 p.m.3 views

CVE-2025-61688

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, Omni might leak sensitive information via an API...

8.6CVSS0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/13 8:46 p.m.9 views

CVE-2025-61688 Omni leaks information via the API

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, Omni might leak sensitive information via an API...

8.6CVSS0.00291EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.4 views

PT-2025-41806

Name of the Vulnerable Software and Affected Versions Omni versions prior to 1.1.5 Omni versions prior to 1.0.2 Description Omni, a platform for managing Kubernetes, may disclose sensitive information through an API endpoint in affected versions. The platform operates on bare metal, virtual...

8.6CVSS6.1AI score0.00291EPSS
Exploits0References14
Rows per page
Query Builder