Ubuntu: Security Advisory (USN-8161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2025-206467

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or...

EUVD-2022-37387

Malicious code in bioql PyPI...

CVE-2024-36346

Improper input validation in AMD Power Management Firmware PMFW could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition...

USN-7508-1 open-vm-tools vulnerability

It was discovered that Open VM Tools incorrectly handled certain file operations. An attacker in a guest could use this issue to perform insecure file operations and possibly elevate privileges in the guest...

Ubuntu: Security Advisory (USN-6167-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-34432

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders...

CVE-2022-34432

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders...

CVE-2022-34432

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders...

CVE-2022-34432

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders...

Dell Hybrid Client 安全漏洞

Dell Hybrid Client is a software application from Dell USA Inc. It provides a client computing software with hybrid cloud management capabilities. A security vulnerability previously existed in Dell Hybrid Client version 1.8, which stemmed from the inclusion of a gedit vulnerability. A guest...

Dell Hybrid Client 安全漏洞

Dell Hybrid Client is a software application from Dell USA Inc. It provides a client computing software with hybrid cloud management capabilities. A security vulnerability previously existed in Dell Hybrid Client version 1.8, which stemmed from the inclusion of a Zip Bomb vulnerability in the UI....

USN-5578-2 open-vm-tools vulnerability

USN-5578-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root...

USN-5578-1 open-vm-tools vulnerability

It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine...

USN-5309-1 virglrenderer vulnerabilities

It was discovered that virglrenderer incorrectly handled memory. An attacker inside a guest could use this issue to cause virglrenderer to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-0135 It was discovered that virglrenderer incorrectly initialized memory...

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host resulting in a denial of service.

...

USN-4550-1 dpdk vulnerabilities

Ryan Hall discovered that DPDK incorrectly handled vhost crypto. An attacker inside a guest could use these issues to perform multiple attacks, including denial of service attacks, obtaining sensitive information from the host, and possibly executing arbitrary code on the host...

USN-4511-1 qemu vulnerability

Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default...

PT-2020-3973 · Microsoft · Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Microsoft Hyper-V affected versions not specified Description: A denial of service issue exists due to insufficient input validation in Microsoft Hyper-V. This can be exploited by an attacker with a privileged account on a guest operating...

The vulnerability of the xen_failsafe_callback function in Xen hypervisors allows a malicious actor to trigger a service failure or increase their privileges.

The vulnerability of the xenfailsafecallback function in Xen hypervisors is related to deficiencies in access control. Exploiting this vulnerability could allow a attacker running on a guest OS to cause service failures or increase their privileges...