RLSA-2026:18479 Important: qemu-kvm security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shi...

ROS-20260512-73-0031

A vulnerability in the Core component of the Oracle VM VirtualBox virtual machine is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to gain full control over the application...

CVE-2026-35246

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

CVE-2026-0665

An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption...

EulerOS Virtualization 2.10.0 : icu (EulerOS-SA-2026-1173)

According to the versions of the icu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct...

Azure Linux 3.0 Security Update: qemu (CVE-2024-26328)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26328 advisory. - An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c does not set NumVFs to...

MiracleLinux 7 : qemu-kvm-1.5.3-175.el7.3 (AXSA:2021-1371:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1371:01 advisory. QEMU: loader: OOB access while loading registered ROM may lead to code execution CVE-2020-13765 QEMU: reachable assertion failure in...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.479.AXS4.1 (AXSA:2015-492:05)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-492:05 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

MiracleLinux 3 : xen-3.0.3-41.7AXS3 (AXSA:2008-256:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-256:01 advisory. This package contains the Xen tools and management daemons needed to run virtual machines on x86, x8664, and ia64 systems. Information on how to use...

IBM AIX和IBM VIOS 安全漏洞

IBM AIX and IBM VIOS are both products of the International Business Machines IBM Corporation.IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture.IBM VIOS is part of the PowerVm® Editions hardware feature set.IBM AIX is an open standards-based UNIX...

EUVD-2020-6834

Malware in sbrugna...

qCUDA 输入验证错误漏洞

qCUDA is a virtualization software by the individual developer of coldfunction. An input validation error vulnerability exists in qCUDA that stems from the qcowmakeempty function mishandling the parameter s-l1size, which could lead to an integer overflow...

CVE-2024-36486

A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 55740. When an archived virtual machine is restored, the prlvmarchiver tool decompresses the file and writes the content back to its original location...

RHSA-2021:5238 Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update

Bulletin has no description...

OPENSUSE-SU-2024:13257-1 xen-4.17.2_04-1.1 on GA media

These are all security issues fixed in the xen-4.17.204-1.1 package on the GA media of openSUSE Tumbleweed...

NVIDIA vGPU Software Security Vulnerability

NVIDIA vGPU Software is a management software from NVIDIA, USA, used to provide GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerabili...

NVIDIA vGPU Software Security Vulnerability

NVIDIA vGPU Software is a management software from NVIDIA, USA, used to provide GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerabili...

PT-2024-3045 · Oracle · Virtualbox

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 7.0.16 Description: The issue is related to errors in processing input data in the Core component of Oracle VM VirtualBox. This can be exploited by an attacker to elevate privileges or execute arbitrary...

QEMU Security Vulnerabilities

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A security vulnerability exists in QEMU, which stems from a stack-based buffer overflow in virtio-net that occurs when the virtionetflushtx...

PT-2023-35508 · Oracle · Virtualbox

Name of the Vulnerable Software and Affected Versions: VirtualBox versions prior to 7.0.10 Description: This issue affects VirtualBox, a virtualization software. The problem is related to several bugs and improvements in the software, including fixes for the VMM, GUI, TPM, and 3D graphics. There ...