Lucene search
K

61 matches found

SUSE CVE
SUSE CVE
added 2025/08/19 11:23 p.m.6 views

SUSE CVE-2025-38560

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...

7.5CVSS6.5AI score0.00153EPSS
Exploits0References28
NVD
NVD
added 2025/08/19 5:15 p.m.8 views

CVE-2025-38560

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...

5.5CVSS0.00153EPSS
Exploits0References7
OSV
OSV
added 2025/08/19 5:2 p.m.6 views

CVE-2025-38560 x86/sev: Evict cache lines during SNP memory validation

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...

5.5CVSS6.3AI score0.00153EPSS
Exploits0References10
CVE
CVE
added 2025/08/19 5:2 p.m.55 views

CVE-2025-38560

CVE-2025-38560 relates to the Linux kernel x86/sev SNP memory validation. The vulnerability requires a cache-line eviction mitigation when memory is validated after changing a page state to private. The documented mitigation is to touch the first and last byte of each 4K page being validated. If ...

5.5CVSS7.2AI score0.00153EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2025/02/20 9:15 p.m.16 views

CVE-2025-27097

GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. When a user transforms on the root level or single source with...

7.5CVSS0.00399EPSS
Exploits0References1
CVE
CVE
added 2025/02/20 8:15 p.m.103 views

CVE-2025-27097

Affected software: GraphQL Mesh (a GraphQL Federation framework/gateway). The issue stems from the LRU-based cache for DocumentNode used during transforms, causing the initial set of variables to be reused across subsequent requests with different variables. As a result, if tokens are supplied vi...

7.5CVSS6.6AI score0.00399EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2024/06/04 2:25 a.m.2 views

SUSE CVE-2024-36923

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.3CVSS7.4AI score0.00012EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.7 views

PT-2024-27213

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises when an iget fails due to the inability to retrieve information from the server, resulting in a partially initialized inode structure. Upon eviction, references are made...

5.5CVSS5.4AI score0.00012EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/01/01 12:0 a.m.5 views

PT-2024-41505

Name of the Vulnerable Software and Affected Versions: linux in Debian Linux affected versions not specified Description: The vulnerability involves evicting cache lines during Secure Nested Paging SNP memory validation in x86 systems. This issue affects Debian Linux. Recommendations: At the...

3.2CVSS5.9AI score0.00144EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.5 views

PT-2023-36348 · Unknown · Graphql Mesh

Name of the Vulnerable Software and Affected Versions: GraphQL Mesh affected versions not specified Description: GraphQL Mesh is a framework and gateway for GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, and databases. When a user transforms on the root level or...

7.5CVSS6.9AI score0.00399EPSS
Exploits0References11
Veracode
Veracode
added 2023/05/15 6:0 a.m.21 views

Race Condition

org.opensearch.plugin:opensearch-security is vulnerable to a Race Condition. Improper access authorization can occur from exceedingly rare race condition in the application which results in the failure to apply the fine-grained access control rules to queries. When the query cache eviction occurs...

5.9CVSS6.8AI score0.0046EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2023/05/09 9:25 p.m.39 views

OpenSearch issue with fine-grained access control during extremely rare race conditions

Impact There is an issue with the implementation of fine-grained access control rules document-level security, field-level security and field masking where they are not correctly applied to the queries during extremely rare race conditions potentially leading to incorrect access authorization. Fo...

5.9CVSS6.4AI score0.0046EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/05/08 9:15 p.m.25 views

UBUNTU-CVE-2023-31141

OpenSearch is open-source software suite for search, analytics, and observability applications. Prior to versions 1.3.10 and 2.7.0, there is an issue with the implementation of fine-grained access control rules document-level security, field-level security and field masking where they are not...

5.9CVSS5.8AI score0.0046EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/05/08 8:33 p.m.6 views

CVE-2023-31141 OpenSearch issue with fine-grained access control during extremely rare race conditions

OpenSearch is open-source software suite for search, analytics, and observability applications. Prior to versions 1.3.10 and 2.7.0, there is an issue with the implementation of fine-grained access control rules document-level security, field-level security and field masking where they are not...

4.8CVSS5.7AI score0.0046EPSS
Exploits0References1
CVE
CVE
added 2023/05/08 8:33 p.m.140 views

CVE-2023-31141

OpenSearch vulnerability CVE-2023-31141 involves race-condition on access-control rules (document-level/field-level security and field masking) where queries may bypass correct authorization under extremely rare timing with concurrent requests and query-cache eviction. Affected are OpenSearch rel...

5.9CVSS5.3AI score0.0046EPSS
Exploits0References1Affected Software2
RedHat Linux
RedHat Linux
added 2021/08/31 8:15 a.m.3 views

hw: L1D Cache Eviction Sampling

A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...

5.5CVSS6.5AI score0.00587EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2021/08/31 12:0 a.m.49 views

RHEL 7 : microcode_ctl (RHSA-2021:3317)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3317 advisory. hw: Vector Register Data Sampling CVE-2020-0548 hw: L1D Cache Eviction Sampling CVE-2020-0549 hw: Special Register Buffer Data Sampling SRBD...

8.8CVSS7.2AI score0.00587EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2021/08/24 12:0 a.m.55 views

RHEL 7 : microcode_ctl (RHSA-2021:3255)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3255 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...

8.8CVSS7.1AI score0.00587EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2021/08/17 12:0 a.m.48 views

RHEL 8 : microcode_ctl (RHSA-2021:3176)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3176 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Vector Register Data Sampling CVE-2020-0548 hw: L1D Cache...

8.8CVSS7.1AI score0.00587EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.44 views

RHEL 7 : microcode_ctl (RHSA-2021:3029)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3029 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...

8.8CVSS7.1AI score0.00587EPSS
Exploits0References21
Rows per page
Query Builder