1799 matches found
SUSE CVE-2025-13193
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...
CVE-2025-64434
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, due to the peer verification logic in virt-handler via verifyPeerCert, an attacker who compromises a virt-handler instance, could exploit these shared credentials to impersonate virt-api and execute privileg...
EUVD-2025-197850
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...
UBUNTU-CVE-2025-13193
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...
CVE-2025-13193
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...
CVE-2025-13193 Libvirt: information disclosure via world-readable vm snapshots
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...
CVE-2025-13193 Libvirt: information disclosure via world-readable vm snapshots
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...
CVE-2025-13193
Affects libvirt-based virtualization. CVE-2025-13193 causes external inactive snapshots for shut-down VMs to be world-readable, enabling information disclosure by unprivileged users. Public sources (Unity Linux UTSA-2025-993329; openSUSE openSUSE-SU-2025-20100-1; SUSE SUSE-SU-2026:0279-1) describ...
⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn't slow down last week—and attackers are getting smarter. We're seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that's just the surface. From sleeper logic bombs to a fresh alliance...
[SECURITY] Fedora 42 Update: xen-4.19.3-8.fc42
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to excessive permissions granted to the virt-handler service account. An attacker can initiate unauthorized migrations of virtual machine instances to attacker-controlled nodes or mark all nodes as...
[SECURITY] Fedora 41 Update: xen-4.19.3-7.fc41
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 43 Update: xen-4.20.1-8.fc43
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Exploit for CVE-2025-62376
Improper Authentication in pwn.college DOJO Education Platform...
Exploit for CVE-2025-62376
CVE-2025-62376: Local Privilege Escalation Exploit for Sudo...
CVE-2025-62376
pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...
Virtuozzo Hybrid Infrastructure 6.2 Update 1 Hotfix 7 (6.2.1-97)
This update provides stability fixes and support for cumulative updates. Clusters running version 6.2.1 or later can now upgrade directly to the latest available version in a single step. Vulnerability id: VSTOR-91715 Failed to retry updating the kernel. Vulnerability id: VSTOR-93149, VSTOR-10082...
CVE-2025-61688
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, Omni might leak sensitive information via an API...
CVE-2025-61688 Omni leaks information via the API
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, Omni might leak sensitive information via an API...
PT-2025-41806
Name of the Vulnerable Software and Affected Versions Omni versions prior to 1.1.5 Omni versions prior to 1.0.2 Description Omni, a platform for managing Kubernetes, may disclose sensitive information through an API endpoint in affected versions. The platform operates on bare metal, virtual...