Virtualisation and cloud computing technologies provide a unique set of security problems. Where one host runs multiple virtual guests, a new inter-guest attack surface is exposed. Several recent vulnerabilities have taken advantage of this, allowing for inter-guest attacks. This talk describes the key categories of virtualisation related vulnerabilities, narrated by a time line of critical CVEs. Defence attempts are also discussed, with emphasis on SELinux and the efforts of the sVirt project.