Lucene search
K

119 matches found

Amazon
Amazon
added 2022/07/15 12:0 a.m.12 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for formatcount earlier CVE-2021-47659 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix some memory leaks in an error handling path of 'logreplay'...

7.8CVSS5.6AI score0.06451EPSS
Exploits9
OSV
OSV
added 2022/06/02 2:15 p.m.2 views

UBUNTU-CVE-2022-1789

With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference...

6.8CVSS6.7AI score0.00318EPSS
Exploits0References9
Prion
Prion
added 2022/04/19 9:15 p.m.25 views

Buffer overflow

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

2.1CVSS3.8AI score0.00372EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/04/15 7:15 p.m.1 views

CVE-2022-24537

Windows Hyper-V Remote Code Execution Vulnerability...

7.8CVSS7.3AI score0.00352EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/10/19 7:19 a.m.2 views

kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

8.8CVSS6.7AI score0.00658EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/10/12 7:47 a.m.2 views

kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks

A flaw was found in the Linux kernel’s KVM implementation, where improper handing of the VMIO|VMPFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest. This flaw allows users who can start and control a VM to read/write random pages of...

8.7CVSS7AI score0.0066EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/08/16 12:0 a.m.3 views

KVM 安全漏洞

KVM is a kernel-based virtual machine. A security vulnerability exists in the AMD code for KVM, which stems from incorrect validation of "virtext" when processing VMCBs Virtual Machine Control Blocks provided by L1 guests to generate/process nested guests L2...

8.8CVSS6.8AI score0.00658EPSS
Exploits0References43
OSV
OSV
added 2021/07/14 6:15 p.m.4 views

CVE-2021-33758

Windows Hyper-V Denial of Service Vulnerability...

7.7CVSS7.3AI score0.02654EPSS
Exploits0References1
OSV
OSV
added 2021/04/22 10:15 p.m.2 views

CVE-2021-2279

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful...

8.1CVSS6.7AI score0.0331EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/04/08 12:0 a.m.13 views

The vulnerability in the arch/x86/kvm/svm/sev.c component of the Kernel-based Virtual Machine (KVM) virtualization subsystem of Linux operating systems allows a attacker to cause a service failure.

The vulnerability in the kernel-based virtual machine KVM virtualization subsystem of Linux operating systems, specifically in the arch/x86/kvm/svm/sev.c component, involves uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6.6AI score0.00335EPSS
Exploits0References18Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/01/26 12:0 a.m.5 views

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.1CVSS7.1AI score0.03769EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/01/22 12:0 a.m.5 views

QEMU 访问控制错误漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU suffers from an Access Control Error vulnerability that can be exploited by an attacker to bypass access restrictions via virtiofsd in ord...

8.2CVSS7.1AI score0.00522EPSS
Exploits1References20
CNVD
CNVD
added 2020/08/06 12:0 a.m.2 views

Red Hat libvirt Elevation of Privilege Vulnerability

Red Hat libvirt is a Linux API for implementing Linux virtualization features from Red Hat, Inc. It supports a variety of Hypervisors, including Xen and KVM, as well as QEMU and a number of virtual products for other operating systems. A security vulnerability exists in Red Hat libvirt that stems...

9.3CVSS9.1AI score0.00383EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/16 12:0 a.m.3 views

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2020-40801)

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...

7.5CVSS9AI score0.00547EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.6 views

The vulnerability of the EHCI controller in VMware ESXi, VMware Workstation, and VMware Fusion allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the EHCI controller in VMware ESXi, VMware Workstation, and VMware Fusion lies in the lack of protection for service data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

4.7CVSS5.5AI score0.00471EPSS
Exploits2References4Affected Software3
OSV
OSV
added 2020/01/31 8:15 p.m.1 views

DEBIAN-CVE-2019-3016

In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD...

4.7CVSS6.3AI score0.00619EPSS
Exploits0References1
OSV
OSV
added 2020/01/15 5:15 p.m.1 views

CVE-2020-2698

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracl...

7.5CVSS7.1AI score0.00416EPSS
Exploits0References3
CNVD
CNVD
added 2019/11/21 12:0 a.m.2 views

Microsoft Windows Hyper-V Denial of Service Vulnerability (CNVD-2019-42609)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. Windows Hyper-V is one of the virtualization products that supports...

6.8CVSS6.6AI score0.05141EPSS
Exploits0References1
OSV
OSV
added 2019/10/08 1:15 a.m.4 views

ALPINE-CVE-2019-17343

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...

6.8CVSS6.9AI score0.00279EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/06/26 12:0 a.m.5 views

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to execute arbitrary code in the host operating system.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system exists due to insufficient verification of input data on the host server. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the host operating system using a...

7.7CVSS6.4AI score0.0404EPSS
Exploits2References3
Rows per page
Query Builder