12996 matches found
The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized system allows a attacker to execute arbitrary code.
The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized environment is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
VMware NSX 安全漏洞
VMware NSX is a complete L2-L7 network and security virtualization platform from VMware. VMware NSX is a complete L2-L7 network and security virtualization platform from VMware. It provides virtual machines with a virtualized network, isolates virtual machines from the physical network, and makes...
CVE-2024-36486
A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 55740. When an archived virtual machine is restored, the prlvmarchiver tool decompresses the file and writes the content back to its original location...
Parallels Desktop prl_vmarchiver Unarchive Hard Link Privilege Escalation
Talos Vulnerability Report TALOS-2024-2126 Parallels Desktop prlvmarchiver Unarchive Hard Link Privilege Escalation June 3, 2025 CVE Number CVE-2024-36486 SUMMARY A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac...
Browser Fingerprinting Using WebAssembly
Web client fingerprinting has become a widely used technique for uniquely identifying users, browsers, operating systems, and devices with high accuracy. While it is beneficial for applications such as fraud detection and personalized experiences, it also raises privacy concerns by enabling...
UBUNTU-CVE-2025-37996
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix uninitialized memcache pointer in usermemabort Commit fce886a60207 "KVM: arm64: Plumb the pKVM MMU in KVM" made the initialization of the local memcache variable in usermemabort conditional, leaving a codepath whe...
SUSE-SU-2025:20367-1 Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: - CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678 - CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847 - CVE-2024-50115: KVM: nSV...
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.
...
PT-2025-23024
Critical vulnerabilities in XenServer Windows VM Tools enable privilege escalation on XenServer 8.4 & Citrix Hypervisor 8.2 CU1 LTSR. Linux VMs unaffected. Update to version 9.4.1+ ASAP. 🔒 CVE-2025-27462 Australia Virtualization https://t.co/JaZh2Ea25r...
[SECURITY] Fedora 41 Update: open-vm-tools-12.5.2-1.fc41
The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847. CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage bsc1229504...
CVE-2024-4692
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText...
CVE-2024-28805
An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control...
SUSE-SU-2025:01692-1 Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: - CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847. - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage bsc1229504. -...
CVE-2024-51765
A security vulnerability has been identified in HPE Cray Data Virtualization Service DVS. Depending on configuration, this vulnerability may lead to local/cluster unauthorized access...
CVE-2023-25517
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering...
CVE-2023-20513
An insufficient bounds check in PMFW Power Management Firmware may allow an attacker to utilize a malicious VF virtualization function to send a malformed message, potentially resulting in a denial of service...
CVE-2021-25653
A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities AVPU that may potentially allow a local user to escalate privileges. Affects 8.0.0.0 through 8.1.3.1 versions of AVPU...
CVE-2021-2123
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
CVE-2021-20070
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs...