CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

177 matches found

CVE•added 2022/09/20 10:10 a.m.•61 views

CVE-2022-3079

CVE-2022-3079 affects Festo CPX-CEC-C1 and CPX-CMXX controllers across multiple versions. The vulnerability: unauthenticated, remote access to critical webpage functions (e.g., reboot) via the device’s web interface, potentially causing a denial of service. This is documented across multiple sour...

7.5CVSS7.7AI score0.00287EPSS

Exploits0References1Affected Software1

CNNVD•added 2022/09/20 12:0 a.m.•3 views

Festo control block CPX-CEC-C1和 CPX-CMXX 安全漏洞

The Festo control block CPX-CEC-C1 and the Festo control block CPX-CMXX are both a control module from Festo, Germany. A security vulnerability exists in multiple versions of Festo that stems from the fact that its control blocks CPX-CEC-C1 and CPX-CMXX allow unauthenticated remote access to...

7.5CVSS7.6AI score0.00287EPSS

Exploits0References2

RedhatCVE•added 2022/05/20 10:25 p.m.•30 views

CVE-2020-29570

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...

6.2CVSS4.2AI score0.0006EPSS

Exploits0References2

ATTACKERKB•added 2022/05/02 4:15 a.m.•3 views

CVE-2022-29968

An issue was discovered in the Linux kernel through 5.17.5. iorwinitfile in fs/iouring.c lacks initialization of kiocb-private...

7.8CVSS7.1AI score0.01656EPSS

Exploits1References9

BDU FSTEC•added 2021/12/20 12:0 a.m.•1 views

The vulnerability of the Application Control Block in FortiOS operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Application Control Block in FortiOS operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.00237EPSS

Exploits0References4Affected Software1

RedHat Linux•added 2021/11/02 9:9 a.m.•1 views

kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

8.8CVSS6.7AI score0.00066EPSS

Exploits0References5

RedHat Linux•added 2021/10/19 7:19 a.m.•2 views

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

8.8CVSS6.7AI score0.00015EPSS

Exploits1References5

RedHat Linux•added 2021/10/19 7:19 a.m.•0 views

kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)

8.8CVSS6.7AI score0.00066EPSS

Exploits0References5

RedHat Linux•added 2021/09/28 2:38 p.m.•0 views

kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)

8.8CVSS6.7AI score0.00066EPSS

Exploits0References5

Microsoft CVE•added 2021/08/12 7:0 a.m.•2 views

arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a VMCB12 double fetch in nested_svm_vmrun.

...

7.4CVSS7AI score0.00047EPSS

Exploits1

Tenable Nessus•added 2021/07/14 12:0 a.m.•23 views

Juniper Junos OS Vulnerability (JSA11178)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11178 advisory. - In Juniper Networks Junos OS there are various cases in the IPv6 socket code where the protocol control block's state flags are modified during a syscall, but are not...

5.5CVSS6.3AI score0.0004EPSS

Exploits0References2

Tenable Nessus•added 2020/12/28 12:0 a.m.•51 views

Fedora 32 : xen (2020-df772b417b)

xenstore watch notifications lacking permission checks XSA-115, CVE-2020-29480 1908091 Xenstore: new domains inheriting existing node permissions XSA-322, CVE-2020-29481 1908095 Xenstore: wrong path length check XSA-323, CVE-2020-29482 1908096 Xenstore: guests can crash xenstored via watchs...

8.8CVSS6.3AI score0.00071EPSS

Exploits0References12

Tenable Nessus•added 2020/12/28 12:0 a.m.•47 views

Fedora 33 : xen (2020-64859a826b)

8.8CVSS6.3AI score0.00071EPSS

Exploits0References13

OSV•added 2020/12/22 1:16 p.m.•6 views

SUSE-SU-2020:3914-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

8.8CVSS6AI score0.00569EPSS

Exploits1References19

Tenable Nessus•added 2020/12/21 12:0 a.m.•38 views

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3881-1)

This update for xen fixes the following issues : CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

8.8CVSS6.2AI score0.00071EPSS

Exploits0References24

OSV•added 2020/12/15 5:15 p.m.•23 views

CVE-2020-29570

6.2CVSS8.6AI score

Exploits0References6

OSV•added 2020/12/15 5:15 p.m.•1 views

ALPINE-CVE-2020-29570

6.2CVSS6.8AI score0.0006EPSS

Exploits0References1

OSV•added 2020/12/15 5:15 p.m.•1 views

DEBIAN-CVE-2020-29570