CVE-2026-28370

In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and further compromise...

EUVD-2010-4211

Malware in sbrugna...

EUVD-2017-7043

Malware in sbrugna...

EUVD-2012-5904

Malware in sbrugna...

EUVD-2009-2705

Malware in sbrugna...

EUVD-2020-20177

Malware in sbrugna...

EUVD-2017-8723

Malware in sbrugna...

EUVD-2014-0149

Malware in sbrugna...

CVE-2021-32844

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, vipciwrite has is a call to vccfgwrite that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denia...

CVE-2020-5964

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure...

Linux Distros Unpatched Vulnerability : CVE-2017-17564

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service host OS crash or gain host OS privileges by leveraging incorre...

PT-2024-4041 · Centreon · Centreon

Name of the Vulnerable Software and Affected Versions: Centreon affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this issue. The specific flaw exists within the...

CVE-2023-40049

In WSFTP Server version prior to 8.8.2, an unauthenticated user could enumerate files under the 'WebServiceHost' directory listing...

Progress Software WS_FTP Server Security Vulnerability

Progress Software WSFTP Server is an effective and highly manageable FTP server from Progress Software, USA. A security vulnerability exists in Progress Software WSFTP Server versions prior to 8.8.2. An attacker can use this vulnerability to enumerate files in the "WebServiceHost" directory listi...

CVE-2021-32844

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, vipciwrite has is a call to vccfgwrite that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denia...

PT-2022-7153 · Autodesk · Autodesk Installer

Name of the Vulnerable Software and Affected Versions: Autodesk Installer affected versions not specified Description: The issue is related to a maliciously crafted DLL file that can be forced to write beyond allocated boundaries when the Autodesk installer parses the DLL files. This could lead t...

CVE-2022-26245

Falcon-plus v0.3 was discovered to contain a SQL injection vulnerability via the parameter grpName in /config/service/host.go...

CVE-2022-26245

Falcon-plus v0.3 contains a SQL injection in the grpName parameter of /config/service/host.go. The CVE entry CVE-2022-26245 is described consistently across sources, with high/critical impact (CVSS v3.1: 9.8) and network attack vector with no authentication; impact includes confidentiality, integ...

Description of the security update for Microsoft Exchange Server 2013: March 8, 2022 (KB5010324)

Description of the security update for Microsoft Exchange Server 2013: March 8, 2022 KB5010324 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE:CVE-2022-23277 |...

Arbitrary Code Execution

harfbuzz is vulnerable to arbitrary code execution. A buffer over-read in hb-ot-layout-gpos-table.hh allows an attacker to cause a denial of service or potentially execute arbitrary code on the host OS...