91 matches found
GHSA-HC8W-H2MF-HP59 PowerShell Command Injection in Podman HyperV Machine
Summary A command injection vulnerability exists in Podman's HyperV machine backend. The VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $ subexpression injection. Affected Code File: pkg/machine/hyperv/stubber.go:647 go resize :=...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the Resize-VHD PowerShell command construction process. An attacker can execute arbitrary PowerShell commands with the privileges of the affected process by supplying a crafted VM image path containing malicious...
PowerShell Command Injection in Podman HyperV Machine
Summary A command injection vulnerability exists in Podman's HyperV machine backend. The VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $ subexpression injection. Affected Code File: pkg/machine/hyperv/stubber.go:647 go resize :=...
EUVD-2016-8085
Malware in sbrugna...
EUVD-2008-0619
Malware in sbrugna...
EUVD-2016-8083
Malware in sbrugna...
EUVD-2022-45096
Malicious code in bioql PyPI...
Profile Management VHDX auto expansion doesn't work CompactVHDIterations set to 1
Citrix profile Manager is configured with profile containers with the entire profile contained in the container Profile container auto-expansion is enabled Profile container VHD compression is also enabled The number of logoffs to trigger VHD disk compaction is configured to 1 Under the above...
CVE-2025-26688
Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...
PT-2025-10836 · Microsoft · Windows Ntfs +1
Name of the Vulnerable Software and Affected Versions: Windows NTFS affected versions not specified Description: The issue is related to a heap-based buffer overflow in Windows NTFS, allowing an unauthorized attacker to execute code locally. This can be exploited by mounting a specially crafted V...
Xenserver Storage: Comprehensive Guide
Introduction This article will assist you in resolving issues with unavailable VDI Virtual Disk Image. Overview of the Issue In different situations, XenServer experiences issues with starting VMs, taking a snapshot or scan of SRs and failing with error “VDI is not available”. This article wi...
Alternate Method to Reverse Image Provisioning Services vDisks (XenServer Direct VHD Boot)
This article describes an alternate method to Reverse Image Provisioning Services vDisks XenServer Direct VHD Boot. Note: Reverse imaging a Provisioning Services PVS vDisk is not the only way to get a vDisk back to your hypervisor for updates. This article explains the versatility associated wit...
Importing an Existing vDisk in Provisioning Services Console Causes Error
When importing a vDisk using the Provisioning Services PVS Server Console, the error “Invalid disk file for . Cannot add disk” appears. The SoapServer.log displays the following text, if Info level logging is enabled: INFO Mapi.Command - Get UndefinedDisks: Disk is not valid, needs to be a base .vh...
N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
The North Korea-linked threat actor known as Kimsuky aka Black Banshee, Emerald Sleet, or Springtail has been observed shifting its tactics, leveraging Compiled HTML Help CHM files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target...
The Updated APT Playbook: Tales from the Kimsuky threat actor group
Co-authors are Christiaan Beek and Raj Samani Within Rapid7 Labs we continually track and monitor threat groups. This is one of our key areas of focus as we work to ensure that our ability to protect customers remains constant. As part of this process, we routinely identify evolving tactics from...
PT-2024-20739 · Revoworks · Revoworks Scvx +1
Name of the Vulnerable Software and Affected Versions: RevoWorks SCVX versions prior to scvimage4.10.21 1013 RevoWorks Browser versions prior to 2.2.95 Description: A protection mechanism failure issue exists, potentially allowing malware to escape the sandboxed environment if data containing...
Difference between vhd and vhdx
What's the difference between vhd and vhdx?...
PT-2023-3163 · Microsoft · Windows Resilient File System +1
Name of the Vulnerable Software and Affected Versions: Windows Resilient File System ReFS affected versions not specified Description: The issue is related to insufficient input validation in the Windows Resilient File System ReFS, which can be exploited by setting up a specially crafted VHD file...