CVE-2020-3690

u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...

CVE-2020-15687

Missing access control restrictions in the Hypervisor component of the ACRN Project v2.0 and v1.6.1 allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and...

CVE-2020-3965

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.2, and Fusion 11.x before 11.5.2 contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may b...

CVE-2019-19273

On Samsung mobile devices with O8.0 and P9.0 software and an Exynos 8895 chipset, RKP aka the Samsung Hypervisor EL2 implementation allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265...

CVE-2025-20112

CVE-2025-20112 affects multiple Cisco Unified Communications and Contact Center Solutions. Affected component/impact: privilege escalation to root on the device via exploitation of excessive permissions on system commands, leading to escape from restricted shell. Exploitation requires local, auth...

CVE-2025-20112 Cisco Unified Communications Products Privilege Escalation Vulnerability

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions that have been assigned to system commands. An attack...

USN-7510-5 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

VMware ESXi和VMware vCenter Server 安全漏洞

VMware ESXi and VMware vCenter Server are both products of VMware, Inc.VMware ESXi is a server virtualization platform that can be installed directly on physical servers.VMware vCenter Server is a suite of server and virtualization management software. The software provides a centralized platform...

[SECURITY] Fedora 42 Update: xen-4.19.2-4.fc42

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

USN-7510-1 linux, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

OESA-2025-1512 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in usb endpoint checking, see 1. This time the issue stems from a...

kernel: x86/hyperv: fix kexec crash due to VP assist page corruption

in cpuhpsetupstate a requisite condition of "hypervinitcpuhp 0" for the hyperv case will never be true, and then hvcpudie won't be called on all CPUs and the VP assist page will not be reset. This leads to corruption of the previous VP assist page and ultimately panic if the kexec kernel is using...

CVE-2024-28956

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

XenServer and Citrix Hypervisor Security Update for CVE-2024-28956

Description of Problem Intel has disclosed a security issue affecting Intel CPUs. This CPU hardware issue may allow privileged code in a guest VM to infer some memory content of another VM that is running on the same CPU core. Although this is not a vulnerability in the XenServer or Citrix...

Hotfix XS82ECU1086 - For Citrix Hypervisor 8.2 Cumulative Update 1

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1 and is only available to customers on theCustomer Success Servicesprogram. All customers who are affected by the issues described inCTX693178 - Citrix Hypervisor Security Bulletinshoul...

[SECURITY] Fedora 41 Update: incus-6.12-1.fc41

Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

[SECURITY] Fedora 42 Update: incus-6.12-1.fc42

Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

CVE-2024-49842 Improper Access Control in Hypervisor

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions...

CVE-2024-49842 Improper Access Control in Hypervisor

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions...

CVE-2024-49841 Detection of Error Condition Without Action in Hypervisor

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling...