119 matches found
The vulnerability of the Windows Hyper-V hardware virtualization system allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Hyper-V hardware virtualization system is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Windows Hyper-V hardware virtualization system allows a attacker to trigger a service failure.
The vulnerability of the Windows Hyper-V hardware virtualization system is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the update download section for software solutions in the Spectrum Virtualize virtualization technology allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the update download section for Spectrum Virtualize software relates to insufficient protection of operational data during the download process. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information by using the “satask...
The vulnerability of the Windows Hyper-V hardware virtualization system allows attackers to disclose protected information.
The vulnerability of the Windows Hyper-V hardware virtualization system is related to the lack of protection for mission-critical data. Exploiting this vulnerability can allow an attacker to disclose sensitive information that should be protected...
The vulnerability of the kvm_steal_time_set_preempted() function in the arch/x86/kvm/x86.c module of the Linux operating system allows a hacker to gain access to protected information.
The vulnerability of the kvmstealtimesetpreempted function in the arch/x86/kvm/x86.c module of the Linux operating system’s kernel is related to incorrect status messages for virtual processors. Exploiting this vulnerability could allow an attacker to gain access to protected information...
CVE-2023-20869
VMware Workstation 17.x and VMware Fusion 13.x contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine...
Information Disclosure
virtualbox is vulnerable to Information Disclosure. The vulnerability allows a high privileged attacker with logon to the infrastructure to compromise the application, which leads to unauthorized read access, resulting in disclosure of sensitive information...
The vulnerability of the kvm_vcpu_ioctl_x86_getdebugregss() function (arch/x86/kvm/x86.c) in the KVM virtualization subsystem of the Linux operating system allows a attacker to gain access to protected information.
The vulnerability of the kvmvcpuioctlx86getdebugregss function arch/x86/kvm/x86.c in the KVM virtualization subsystem of the Linux operating system is related to errors during initialization. Exploiting this vulnerability can allow an attacker to gain access to protected information...
USN-5970-1: Linux kernel vulnerabilities
It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...
SUSE CVE-2013-1442
Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain...
SUSE CVE-2016-6836
The vmxnet3completepacket function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcqdescr object...
SUSE CVE-2017-2620
Quick emulator QEMU before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrusbitbltcputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially...
SUSE CVE-2019-3016
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD...
SUSE CVE-2020-29567
An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of IRQ handling, IRQ vectors are dynamically allocated and de-allocated on the relevant CPUs. De-allocation has to happen when certain constraints are met. If these conditions are not met when first checke...
SUSE CVE-2022-1050
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition...
DEBIAN-CVE-2022-2196
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L2 with code...
VMware Cloud Foundation 代码问题漏洞
VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware. The platform includes features such as operations automation, infrastructure auto-configuration and integrated lifecycle management. A security vulnerability exists in VMware Cloud Foundation NSX-V that stems from the...
PT-2022-33953 · Linux · Kvm
Name of the Vulnerable Software and Affected Versions: KVM versions prior to v5.15.61 Description: The issue concerns the nVMX snapshot pre-VM-Enter BNDCFGS for the !nested run pending case. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to...
CVE-2022-34696
Windows Hyper-V Remote Code Execution Vulnerability...
The vulnerability of the Windows Hyper-V hardware virtualization system allows attackers to escalate their privileges.
The vulnerability of the Windows Hyper-V hardware virtualization system in Windows operating systems is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability allows a malicious actor to disclose the protected information remotely...