KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes

KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation

KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing

KubeVirt Arbitrary Container File Read

KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer

containerd CRI server: Host memory exhaustion through Attach goroutine leak

KubeVirt Vulnerable to Arbitrary Host File Read and Write

Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()

LZ4 through 1.10.0 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact when the application processes untrusted LZ4 frames. For example, LZ4F_createCDict_advanced in lib/lz4frame.c mishandles NULL checks.

HDF5 H5FSsection.c H5FS__sect_find_node heap-based overflow

HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Application Information Service Elevation of Privilege Vulnerability

Windows Installer Elevation of Privilege Vulnerability

Windows Camera Frame Server Monitor Information Disclosure Vulnerability

Microsoft Brokering File System Elevation of Privilege Vulnerability

Windows Hyper-V Denial of Service Vulnerability