26 matches found
KB5077179: Windows 11 Version 26H1 Security Update (February 2026)
The remote Windows host is missing security update 5077179. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Access of resource using incompatible...
EUVD-2012-3454
Malware in sbrugna...
EUVD-2020-25260
Malware in sbrugna...
EUVD-2016-9291
Malware in sbrugna...
EUVD-2021-22780
Malware in sbrugna...
EUVD-2016-9290
Malware in sbrugna...
EUVD-2021-13117
Malware in sbrugna...
EUVD-2024-19018
Malicious code in bioql PyPI...
EUVD-2023-37225
Malicious code in bioql PyPI...
XenServer and Citrix Hypervisor Security Update for CVE-2024-45818
Description of Problem An issue has been identified that affects both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR and allows a malicious administrator of a guest VM to cause the host to crash or become unresponsive. This issue has the following identifier: CVE-2024-45818 What Customers Should ...
RHSA-2014:0339 Red Hat Security Advisory: rhev-hypervisor6 security update
Bulletin has no description...
CVE-2024-2182
A flaw was found in the Open Virtual Network OVN. In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service...
CVE-2024-21305 Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
...
Vulnerabilities fixed in Citrix Hypervisor
Citrix has released an update to fix vulnerabilities in Citrix hypervisor. The vulnerability with reference CVE-2023-23583 allows a local malicious party to use a virtual guest system to compromise the host system via PCI passthrough. This vulnerability is only present when the vulnerable product...
PT-2022-22978 · Xhyve · Xhyve
Name of the Vulnerable Software and Affected Versions: xhyve affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute high-privileged code on the target guest system in ord...
Are Virtual Machines the New Gold for Cyber Criminals?
ARCHIVED STORY Are Virtual Machines the New Gold for Cyber Criminals? ATR Operational Intelligence Team · JUN 10, 2021 Introduction Virtualization technology has been an IT cornerstone for organization for years now. It revolutionized the way organizations can scale up IT systems in a heartbeat,...
CVE-2021-26311
CVE-2021-26311 concerns AMD SEV/SEV-ES where memory can be rearranged in the guest address space without attestation detection, potentially enabling arbitrary code execution in a guest VM if a malicious administrator with server-hypervisor access acts. Documents cite the vulnerability in SEV/SEV-...
Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested=1 virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to...
Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested=1 virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to...
Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested=1 virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to...