vulnlab

vulnlab vulnlab is a collection of version-pinned Vagrant vir...

denkair-lab

DenkAir - Windows AD Pentesting Lab A comprehensive Windows A...

CVE-2022-37009

In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible...

EUVD-2017-8013

Malware in sbrugna...

EUVD-2017-7956

Malware in sbrugna...

EUVD-2017-7706

Malware in sbrugna...

EUVD-2017-3351

Malware in sbrugna...

EUVD-2017-16647

Malware in sbrugna...

EUVD-2017-4151

Malware in sbrugna...

EUVD-2017-7417

Malware in sbrugna...

EUVD-2017-8047

Malware in sbrugna...

EUVD-2017-7303

Malware in sbrugna...

EUVD-2024-32987

Malicious code in bioql PyPI...

EUVD-2023-2640

Malicious code in bioql PyPI...

EUVD-2025-19756

Malicious code in bioql PyPI...

MAL-2025-22001 Malicious code in grunt-vagrant-ssh (npm)

The package grunt-vagrant-ssh was found to contain malicious code...

Malicious code in grunt-vagrant-ssh (npm)

The package grunt-vagrant-ssh was found to contain malicious code...

HashiCorp Vagrant Installed (macOS)

Binary data macosvagrantinstalled.nbin...

HashiCorp Vagrant 2.2.10 < 2.4.7 Code Injection (macOS)

The version of HashiCorp Vagrant installed on the remote host is 2.2.10 prior to 2.4.7. It is, therefore, is affected by a code injection vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 8090...

Incorrect Default Permissions

Vagrant is vulnerable to Incorrect Default Permissions. The vulnerability is due to the Vagrantfile being writable from within the guest VM and executed by the host, allowing a low-privileged attacker to achieve guest-to-host code execution...