EUVD-2020-25230

Malware in sbrugna...

UBUNTU-CVE-2025-41244

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...

CVE-2024-2860

The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL database...

GHSA-C7W7-9C85-4QXV OpenStack Nova Live migration fails to update persistent domain XML

An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths ...

CVE-2021-38923

IBM PowerVM Hypervisor FW1010 could allow a privileged user to gain access to another VM due to assigning duplicate WWPNs. IBM X-Force ID: 210162...

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from Universal Business Machines IBM, Inc. provides a secure and scalable virtualized environment for applications built on the advanced RAS features and leading performance of the Power Systems platform. A security vulnerability exists in IBM PowerVM...

[SECURITY] Fedora 35 Update: libguestfs-1.45.7-2.fc35

Libguestfs is a library for accessing and modifying virtual machine disk images. http://libguestfs.org Libguestfs uses Linux kernel and qemu code, and can access any type of guest filesystem that Linux and qemu can, including but not limited to: ext2/3/4, btrfs, FAT and NTFS, LVM, many different...

CVE-2020-3990

VMware Workstation 15.x and Horizon Client for Windows 5.x before 5.4.4 contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from...

CVE-2020-10255

Modern DRAM chips DDR4 and LPDDR4 after 2015 are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh TRR, aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit...

CVE-2019-5519

VMware ESXi 6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001, Workstation 15.x before 15.0.4, 14.x before 14.1.7, Fusion 11.x before 11.0.3, 10.x before 10.1.6 contain a Time-of-check Time-of-use TOCTOU vulnerability in the virtual USB 1.1 UHCI Universal Ho...

IBM B2B Advanced Communications Information Disclosure Vulnerability

IBM B2B Advanced Communication is a communication gateway product from IBM USA. An information disclosure vulnerability exists in IBM B2B Advanced Communications versions 1.0.0.2 and 1.0.0.3. An attacker can exploit the vulnerability to obtain sensitive information in error response messages with...

Xen 'hvm/irq.c' Denial of Service Vulnerability

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A denial of service vulnerability...

PYSEC-2013-43

OpenStack Compute Nova Grizzly, Folsom 2012.2, and Essex 2012.1 allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port...