CVE-2026-10047 Out-of-bounds write in Napoca real-mode hook handler via guest-controlled SS:SP (VA-13905)

The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled SS:SP-derived offset as an index into the 1MB RealModeMemory buffer without bounds validation. With...

CVE-2026-27204

CVE-2026-27204 involves Wasmtime’s WASI host interfaces, where guest code could exhaust host resources due to insufficient limits on resource allocations. Affected versions prior to fixes include 24.0.6, 36.0.6, 40.0.4, 41.0.4, and 42.0.0. The fixes are released in Wasmtime 24.0.6, 36.0.6, 40.0.4...

Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion

Impact Wasmtime's implementation of WASI host interfaces are susceptible to guest-controlled resource exhaustion on the host. Wasmtime did not appropriately place limits on resource allocations requested by the guests. This serves as a Denial of Service vector where a guest can induce a range of...

EUVD-2020-21855

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2022-42334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to...

CVE-2022-42335

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...

kernel: untrusted VMM can trigger int80 syscall handling

A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...

NULL Pointer Dereference

xen is vulnerable to NULL Pointer Dereference. The vulnerability occurs due to improper check in one of the hypervisor routines used for shadow page handling. This could allow a guest with a PCI device to pass through to cause the hypervisor to access an arbitrary pointer partially under guest...

CVE-2022-42309

Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be...

Debian Security Advisory DSA 3596-1 (spice - security update)

Several vulnerabilities were discovered in spice, a SPICE protocol client and server library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-0749 Jing Zhao of Red Hat discovered a memory allocation flaw, leading to a heap-based buffer overflow in spic...

openSUSE Security Update : virtualbox (openSUSE-2016-672)

Virtualbox was updated to 5.0.20 to fix the following issues : Version bump to 5.0.20 released 2016-04-28 by Oracle This is a maintenance release. The following items were fixed and/or added : - NAT Network: File VBoxNetNAT no longer requires suid - Storage: fixed a regression causing write...

OracleVM 2.2 : xen (OVMSA-2016-0012)

The remote OracleVM system is missing necessary patches to address critical security updates : - XSA-125: Limit XENDOMCTLmemorymapping hypercall to only process up to 64 GFNs or less Jan Beulich 20732412 CVE-2015-2752 - XSA-126: xen: limit guest control of PCI command register Jan Beulich 2073939...

Unbreakable Enterprise kernel security and bugfix update

2.6.39-400.250.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077389 CVE-2015-3331 2.6.39-400.250.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807440 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3019)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3019 advisory. - IB/core: Prevent integer overflow in ibumemget address arithmetic Shachar Raindel Orabug: 20799875 CVE-2014-8159 CVE-2014-8159 - xen-pciback: lim...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-68.1.2 - IB/core: Prevent integer overflow in ibumemget address arithmetic Shachar Raindel Orabug: 20799875 CVE-2014-8159 CVE-2014-8159 3.8.13-68.1.1 - xen-pciback: limit guest control of command register Jan Beulich Orabug: 20697017 CVE-2015-2150 CVE-2015-2150 - net: sctp: fix...

Non-standard PCI device functionality may render pass-through insecure

ISSUE DESCRIPTION Devices with capabilities or defects that are undocumented or that virtualization software is unaware of may allow guests to control parts of the host that they shouldn't be in control of. Here are some examples of the kind of problem: While XSA-120 deals with standard PCI confi...