Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013323)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013323 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use onlinevcpus, not createdvcpus, to iterate over vCPUs Use the kvmforeachvcpu helper ...

Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM & AppSec

New York, New York, April 1st, 2026, CyberNewswire...

EUVD-2020-18732

Malware in sbrugna...

EUVD-2007-0830

Malware in sbrugna...

CVE-2024-54189

A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 build 55740. When a snapshot of a virtual machine is taken, a root service writes to a file owned by a normal user. By using a hard link, an attacker can write to an arbitrary fil...

CVE-2024-54189

Summary: CVE-2024-54189 is a local privilege-escalation vulnerability in Parallels Desktop for Mac 20.1.1 (build 55740). During VM snapshot creation, the root-level prl_disp_service writes metadata to a snapshot.xml file in a VM directory owned by a normal user. An attacker can replace that file ...

Ununauthorized Root Access

github.com/kubernetes-sigs/image-builder is vulnerable to Unauthorized Root Access. The vulnerability is due to default credentials being enabled during the image build process with the Nutanix, OVA, QEMU, or raw providers, which could allow attackers to gain root access if they reach the VM wher...

Corel Parallels Desktop 安全漏洞

Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Canada's Corel Digital Technology Corel. A security vulnerability exists in Corel Parallels Desktop that stems from a specific flaw in the virtio-gpu virtual appliance that lacks proper validation of...

Fedora 39 : open-vm-tools (2023-20b6ac4b6c)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-20b6ac4b6c advisory. Package new upstream version of open-vm-tools-12.3.0-22234872. Security fix for CVE-2023-20900, CVE-2023-20867 Tenable has extracted the preceding...

CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine...

SUSE-SU-2018:0630-1 Security update for java-1_7_1-ibm

This update for java-171-ibm provides the following fix: The version was updated to 7.1.4.20 bsc1082810 Security fixes: - CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641 CVE-2018-2618 CVE-2018-2657 CVE-2018-2603 CVE-2018-2599 CVE-2018-2602 CVE-2018-2678 CVE-2018-2677...

Vulnerability warning:“venom（VENOM”the vulnerability affects millions worldwide virtual machine security-vulnerability warning-the black bar safety net

! CrowdStrike, the company security researchers said that a named“venom（VENOM”QEMU could allow millions of virtual machines in a cyber-attack risk, the vulnerability can cause the virtual machine to escape, the threat to the world's largest cloud service provider's data security. QEMU is an...

Venom Vulnerability Exposes Most Data Centers to Cyber Attacks

Just after a new security vulnerability surfaced Wednesday, many tech outlets started comparing it with HeartBleed, the serious security glitch uncovered last year that rendered communications with many well-known web services insecure, potentially exposing Millions of plain-text passwords. But...

Linux Virtual Server procfs DoS

Virtual machine users can change /proc permissions...

Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention

Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention source: https://www.securityfocus.com/bid/8879/info A vulnerability has been identified in the Sun Java Virtual Machine packaged with JRE and SDK. This issue results in the circumvention of the Java Security Model, and can...