Lucene search
+L

135 matches found

OSV
OSV
added 2026/02/21 6:17 a.m.6 views

AZL-78282 CVE-2026-27211 affecting package cloud-hypervisor 48.0.246-1

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

10CVSS5.7AI score0.005EPSS
Exploits1References1
NVD
NVD
added 2026/02/21 6:17 a.m.22 views

CVE-2026-27211

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

10CVSS0.005EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/02/21 5:36 a.m.6 views

CVE-2026-27211

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS5.6AI score0.005EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2026/02/21 5:36 a.m.29 views

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS0.005EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/02/21 12:0 a.m.8 views

PT-2026-21357

Name of the Vulnerable Software and Affected Versions Cloud Hypervisor versions 34.0 through 50.0 Description Cloud Hypervisor, a Virtual Machine Monitor for Cloud workloads, has an issue where a malicious guest can potentially access sensitive host files. This occurs when using virtio-block...

10CVSS5.2AI score0.005EPSS
Exploits1References17
CNNVD
CNNVD
added 2026/02/21 12:0 a.m.9 views

Cloud hypervisor 安全漏洞

Cloud Hypervisor is a virtual machine monitor developed by Cloud Hypervisor Company, designed for modern cloud workloads. Versions 34.0 to 50.0 of Cloud Hypervisor contain security vulnerabilities. These vulnerabilities stem from defects in the virtio-block device supported by original images,...

10CVSS5.9AI score0.005EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 7 : qemu-kvm-1.5.3-126.el7.5 (AXSA:2017-1328:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1328:02 advisory. qemu-kvm is an open source virtualizer that provides hardware emulation for the KVM hypervisor. qemu-kvm acts as a virtual machine monitor together...

9.9CVSS7.2AI score0.03648EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in QEMU, specifically in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size of virtqueuepush, as specified in virtioscsicompletereq, virtioblkreqComplete, and viritocryptoreqComplete, might be larger than the actual size of the data that has been sent to the...

3.8CVSS6.6AI score0.00203EPSS
Exploits0References3
OSV
OSV
added 2025/11/10 12:6 p.m.11 views

USN-7865-1 linux-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS6.8AI score0.01345EPSS
Exploits8References23
Ubuntu
Ubuntu
added 2025/11/10 12:6 p.m.10 views

USN-7865-1: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7.5AI score0.01345EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990227)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990227 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: don't keep queue frozen during system suspend Commit 4ce6e2db00de virtio-blk: Ensure ...

5.5CVSS6.2AI score0.00162EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989847)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989847 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: don't keep queue frozen during system suspend Commit 4ce6e2db00de virtio-blk: Ensure ...

5.5CVSS6.2AI score0.00162EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989128)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989128 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk-vqs should be freed before we...

5.5CVSS6.1AI score0.00259EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2025/10/21 9:18 p.m.8 views

USN-7797-3: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Virtio block driver; - Media drivers; - Network drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file...

7.8CVSS7AI score0.00289EPSS
Exploits0
OSV
OSV
added 2025/10/21 9:18 p.m.10 views

USN-7797-3 linux-aws vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Virtio block driver; - Media drivers; - Network drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file...

7.8CVSS6.7AI score0.00289EPSS
Exploits0References11
OSV
OSV
added 2025/10/20 6:0 p.m.14 views

CLSA-2025-1760983231 Fix of 25 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-41069 - ASoC: topology: Fix references to freed memory - ASoC: topology: Do not assign fields that are already set - ASoC: topology: Clean up route loading Bionic update: upstream stable patchset 2021-06-11 LP: 1931740 // CVE- url:...

7.8CVSS6.9AI score0.00328EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-3483

Malware in sbrugna...

5.5CVSS5.7AI score0.00396EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986832)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986832 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk-vqs should be freed before we...

5.5CVSS6.1AI score0.00259EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986508)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986508 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk-vqs should be freed before we...

5.5CVSS6.1AI score0.00259EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986328)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986328 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk-vqs should be freed before we...

5.5CVSS6.1AI score0.00259EPSS
Exploits0References3
Rows per page
Query Builder