Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-9152

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:19 p.m.26 views

CVE-2021-21981

VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC Role based access control role assignment. Successful exploitation of this issue may allow attackers with local guest user account to assign privileges higher than their own permission level...

7.8CVSS7AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2022/08/29 3:15 p.m.36 views

CVE-2022-0358

A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certa...

7.8CVSS0.00332EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/05/26 12:0 a.m.31 views

Oracle Linux 8 : spice-vdagent (ELSA-2021-1791)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1791 advisory. 0.20.0-3 - Fix mouse problems in multi-monitor environments under Wayland Resolves: rhbz1790904 rhbz1824610 0.20.0-2 - Resolves: CVE-2020-25650,...

6.4CVSS6AI score0.0049EPSS
Exploits4References5
Cvelist
Cvelist
added 2021/04/19 2:37 p.m.49 views

CVE-2021-21981

VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC Role based access control role assignment. Successful exploitation of this issue may allow attackers with local guest user account to assign privileges higher than their own permission level...

7.9AI score0.00217EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/11/26 1:28 a.m.26 views

CVE-2020-25652

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...

5.5CVSS5.4AI score0.00431EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2020/11/03 12:0 a.m.29 views

CVE-2020-25652

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...

5.5CVSS6AI score0.00431EPSS
Exploits1References3
Veracode
Veracode
added 2020/04/10 1:4 a.m.32 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A local guest user is able to crash the application as the cpuid instruction emulation when exiting the VM are not properly handled...

4.6CVSS2.1AI score0.00474EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.4 views

The vulnerability of the Cisco IOS XE operating system arises from errors in path name restrictions for restricted access directories, allowing attackers to execute arbitrary code on the Linux kernel.

The vulnerability of the Cisco IOS XE operating system exists due to errors in path name restrictions for restricted access directories. Exploiting this vulnerability allows a malicious individual, who operates locally and is a user of the guest operating system, to execute arbitrary code on the...

6.8CVSS6.1AI score0.01138EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/11/14 12:0 a.m.6 views

The vulnerability of Xen hypervisors relates to deficiencies in access control, allowing attackers to trigger service failures or increase their privileges.

The vulnerability of Xen hypervisors is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally within a user account of the x86 guest operating system in hardware virtualization mode, to trigger a hypervisor failure or increase their...

8.8CVSS7.5AI score0.0043EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2017/02/22 4:59 p.m.3 views

ALPINE-CVE-2016-9377

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging IDT entry miscalculation...

5.5CVSS6.2AI score0.0039EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/01/26 12:0 a.m.5 views

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability in the hw/9pfs/9p-proxy.c function of the virtualization cleanup service in the QEMU hardware emulation proxy backend is related to a memory leak. Exploiting this vulnerability allows an attacker, who operates locally and is also a user of the guest operating system, to cause a...

4.9CVSS6.7AI score0.00437EPSS
Exploits0References6
CNVD
CNVD
added 2015/10/11 12:0 a.m.4 views

Spice 'surface_id' Heap Overflow Vulnerability

SPICE Simple Protocol for Independent Computing Environments is one of the three main technology components of Red Hat Enterprise Virtualized Desktop Edition, an adaptive remote submission protocol that delivers the exact same end-user experience as a physical desktop. A security vulnerability...

7.8CVSS9.4AI score0.00575EPSS
Exploits0References1
CNVD
CNVD
added 2015/04/09 12:0 a.m.3 views

Linux kernel drivers/xen/usbback/usbback.c information disclosure vulnerability

Linux kernel is an open source operating system. A security vulnerability in drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0, which is used by the Suse distribution of the Linux kernel, allows a local GUEST OS user to obtain kernel-sensitive information about the HOST OS...

2.1CVSS6.1AI score0.00413EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/04/24 5:35 p.m.6 views

qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function

Integer overflow in the virtionethandlemac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow...

4.9CVSS7.4AI score0.00711EPSS
Exploits1References4
Rows per page
Query Builder