EUVD-2026-32356

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

UBUNTU-CVE-2026-45890

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001476)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001476 advisory. A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by t...

MiracleLinux 7 : dpdk-17.11-11.el7 (AXSA:2018-3220:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3220:02 advisory. dpdk: Information exposure in unchecked guest physical to host virtual address translations CVE-2018-1059 Tenable has extracted the preceding description blo...

USN-7910-1 linux-azure-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

CVE-2025-61553

An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 2020-05-20 to commit 480907 2025-07-06 allows local attackers to cause a denial of service host hypervisor crash via a crafted PCI configuration space access. Given it's a heap overflow in a privileged...

CVE-2025-61553

The CVE describes an out-of-bounds write in BitVisor’s VirtIO network device emulation, affecting commits 108df6 (2020-05-20) through 480907 (2025-07-06). A crafted PCI configuration space access can cause a host hypervisor denial-of-service (crash) and, given the heap overflow in privileged hype...

EUVD-2019-8174

Malware in sbrugna...

EUVD-2020-27254

Malware in sbrugna...

EUVD-2025-19756

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-45464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kvmtool through 39181fc allows an out-of-bounds write, related to virtio/balloon.c and virtio/pci.c. This allows a guest OS user to execute arbitrary code on th...

vsock: Fix transport_{g2h,h2g} TOCTOU

...

PT-2025-49011

In pkvm guest relinquish to host of mem protect.c, there is a possible configuration data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Incorrect Default Permissions

Vagrant is vulnerable to Incorrect Default Permissions. The vulnerability is due to the Vagrantfile being writable from within the guest VM and executed by the host, allowing a low-privileged attacker to achieve guest-to-host code execution...

HashiCorp Vagrant has code injection vulnerability through default synced folders

An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant or C:\vagrant on Windows. Thi...

CVE-2020-6100

An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. A specially crafted pixel shader can cause memory corruption vulnerability. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2023-4155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a doubl...

PT-2026-7454

Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity...

kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability

A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...

CVE-2024-6154

Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target...