Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-13148

Malware in sbrugna...

3.3CVSS4.8AI score0.00215EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-25213

Malware in sbrugna...

7.8CVSS7.9AI score0.00282EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:39 p.m.8 views

CVE-2020-3948

Linux Guest VMs running on VMware Workstation 15.x before 15.5.2 and Fusion 11.x before 11.5.2 contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinprint. Local attackers with non-administrative access to a Linux guest VM with virtual printing enabled...

7.8CVSS7AI score0.00282EPSS
Exploits0
Citrix
Citrix
added 2022/06/23 8:6 p.m.91 views

Citrix Hypervisor Security Update

A security issue has been identified in Citrix Hypervisor 7.1 LTSR CU2 that may allow privileged code in a PV guest VM to compromise the host. Citrix believes that there would be significant complexity in performing this attack in Citrix Hypervisor. The issue has the following CVE identifier:...

6.9CVSS2.6AI score0.06451EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/05/26 12:0 a.m.40 views

SUSE SLES12 Security Update : kernel-firmware (SUSE-SU-2022:1846-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1846-1 advisory. - Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to...

6.5CVSS6.5AI score0.00328EPSS
Exploits0References33
OSV
OSV
added 2022/05/11 5:15 p.m.3 views

CVE-2021-26342

In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer TLB following a particular sequence of operations that includes creation of a new virtual machine control block VMCB. The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for...

3.3CVSS6AI score0.00215EPSS
Exploits0References1
NVD
NVD
added 2022/05/11 5:15 p.m.23 views

CVE-2021-26342

In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer TLB following a particular sequence of operations that includes creation of a new virtual machine control block VMCB. The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for...

3.3CVSS0.00215EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2021/09/13 9:12 a.m.139 views

LSN-0081-1: Kernel Live Patch Security Notice

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.CVE-2021-3653 Maxim...

8.8CVSS7.4AI score0.78684EPSS
Exploits28
Ubuntu
Ubuntu
added 2021/09/08 11:48 p.m.142 views

USN-5072-1: Linux kernel vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

8.8CVSS6.6AI score0.00658EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/07/27 12:0 a.m.42 views

SUSE SLED15: libvirt / libvirt-admin / libvirt-bash-completion / libvirt-client / etc (SUSE-SU-2021:2471-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2471-1 advisory. - CVE-2021-3631: fix SELinux label generation logic bsc1187871 Tenable has extracted the preceding description block directly from the SUSE...

6.3CVSS6.9AI score0.00493EPSS
Exploits1References5
NVD
NVD
added 2021/05/13 12:15 p.m.19 views

CVE-2021-26311

In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to...

9CVSS0.01683EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/08/24 1:4 p.m.51 views

CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...

5CVSS2.6AI score0.05447EPSS
Exploits1References5
Prion
Prion
added 2020/05/19 9:15 p.m.18 views

Design/Logic Flaw

Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...

4.6CVSS9AI score0.00313EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/05/19 9:5 p.m.62 views

CVE-2020-2025

CVE-2020-2025 affects Kata Containers before 1.11.0 on Cloud Hypervisor. The issue lets a malicious guest persist or overwrite the underlying image file, potentially gaining control of subsequent VMs. Because Kata uses a shared VM image across VMMs, this may also impact QEMU and Firecracker based...

8.8CVSS8.7AI score0.00313EPSS
Exploits0References1Affected Software1
Veracode
Veracode
added 2019/05/16 3:18 a.m.24 views

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of serviceDoS attacks. This is because improper validation in the bnx2x network card driver. An attacker could send a packet with a gsosize larger than 9700 bytes because of that Untrusted guest VMs could exploit this vulnerability in the host machine, causing...

7.7CVSS7AI score0.039EPSS
Exploits1References36Affected Software2
Citrix
Citrix
added 2019/05/14 4:0 a.m.73 views

Citrix Hypervisor Security Update

Description of Problem A number of security issues have been identified in certain CPU hardware that may allow unprivileged code running on a CPU core to infer the value of memory data belonging to other processes, virtual machines or the hypervisor that are, or have recently been, running on the...

5.6CVSS0.2AI score0.01553EPSS
Exploits0Affected Software2
VMware
VMware
added 2018/07/10 12:0 a.m.601 views

VMSA-2018-0017:VMware Tools update addresses an out-of-bounds read vulnerability

VMSA-2018-0017.4 VMware Tools update addresses an out-of-bounds read vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0017.4 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Tools update addresses an out-of-bounds read...

7CVSS7.1AI score0.00395EPSS
Exploits0References12Affected Software1
RedhatCVE
RedhatCVE
added 2018/02/05 4:49 a.m.43 views

CVE-2018-1000026

Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service DoS attacks via a packet with a gsosize larger than 9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card...

7.7CVSS4.3AI score0.039EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/01/11 12:0 a.m.40 views

RHEL 6 : kernel (RHSA-2017:0031)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:0031 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A use-after-free vulnerability was found in the...

10CVSS6.9AI score0.24299EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/12/21 12:0 a.m.43 views

RedHat Update for kernel RHSA-2016:2962-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.24299EPSS
Exploits0References2
Rows per page
Query Builder