CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2024/12/06 12:0 a.m.•3 views

OpenBSD 安全漏洞

OpenBSD is a cross-platform, BSD-based UNIX-like operating system from the Canadian OpenBSD organization. A security vulnerability exists in versions of OpenBSD prior to 7.4 that stems from vmm not properly recovering the GDTR limit on Intel CPUs...

7.9CVSS6.6AI score0.00131EPSS

OSV•added 2024/01/05 5:15 p.m.•1 views

ALPINE-CVE-2023-34327

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS7.1AI score0.00256EPSS

OSV•added 2024/01/05 5:15 p.m.•0 views

ALPINE-CVE-2023-34328

5.5CVSS7.1AI score0.00256EPSS

SUSE CVE•added 2023/10/12 2:35 p.m.•2 views

SUSE CVE-2023-34327

5.7CVSS7.2AI score0.00256EPSS

Exploits0References20

SUSE CVE•added 2023/10/11 1:47 a.m.•1 views

SUSE CVE-2023-34328

5.7CVSS7.9AI score0.00256EPSS

Exploits0References20

SUSE CVE•added 2023/02/15 4:27 a.m.•1 views

SUSE CVE-2018-10901

A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cp...

7.8CVSS7.8AI score0.0052EPSS

Exploits0References3

OSV•added 2022/06/08 3:15 p.m.•1 views

CVE-2021-36710

ToaruOS 1.99.2 is affected by incorrect access control via the kernel. Improper MMU management and having a low GDT address allows it to be mapped in userland. A call gate can then be written to escalate to CPL 0...

8.8CVSS5.8AI score

Positive Technologies•added 2022/06/08 12:0 a.m.•3 views

PT-2022-10535 · Toaruos · Toaruos

Name of the Vulnerable Software and Affected Versions: ToaruOS version 1.99.2 Description: The issue is related to incorrect access control via the kernel, specifically due to improper MMU management and a low GDT address that allows it to be mapped in userland. This can be exploited by writing a...

8.8CVSS8.5AI score0.00344EPSS

Exploits1References3

RedHat Linux•added 2018/08/14 9:2 p.m.•6 views

kernel: kvm: vmx: host GDT limit corruption

RedHat Linux•added 2018/08/14 8:19 p.m.•1 views

kernel: kvm: vmx: host GDT limit corruption

RedHat Linux•added 2018/08/14 8:18 p.m.•2 views

kernel: kvm: vmx: host GDT limit corruption

RedHat Linux•added 2018/08/14 8:18 p.m.•1 views

kernel: kvm: vmx: host GDT limit corruption

OSV•added 2018/07/26 5:29 p.m.•2 views

CVE-2018-10901

7.8CVSS8.1AI score0.0052EPSS

Exploits0References11

Positive Technologies•added 2018/07/26 12:0 a.m.•6 views

PT-2018-2205 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel's KVM virtualization subsystem affected versions not specified Description: A flaw in the Linux kernel's KVM virtualization subsystem is related to inadequate access control. The issue is caused by the VMX code not restoring the...

7.8CVSS7.7AI score0.7354EPSS

Exploits1References52

RedHat Linux•added 2015/07/20 2:0 p.m.•1 views

kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS

It was found that the espfix functionality could be bypassed by installing a 16-bit RW data segment into GDT instead of LDT which espfix checks, and using that segment on the stack. A local, unprivileged user could potentially use this flaw to leak kernel stack addresses...

2.1CVSS6.6AI score0.00583EPSS

Cvelist•added 2014/09/19 10:0 a.m.•18 views

CVE-2014-4403

The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table...

6.6AI score0.00366EPSS