5604 matches found
CVE-2025-48517
Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...
CVE-2025-48517
CVE-2025-48517 concerns AMD SEV firmware where insufficient granularity of access control could let a privileged attacker with a malicious hypervisor create a SEV-ES guest using an ASID reserved for SEV-SNP guests, potentially causing partial confidentiality loss. Reported across multiple sources...
CVE-2025-48517
Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...
CVE-2025-48517
Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...
CVE-2025-29948
Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...
CVE-2025-29948
Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...
CVE-2026-21247 Windows Hyper-V Remote Code Execution Vulnerability
...
CVE-2025-32467
Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...
CVE-2025-32007
Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attac...
CVE-2025-27572
Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access...
CVE-2025-32467
Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...
CVE-2025-32467
The CVE-2025-32467 entry concerns use of an uninitialized variable in some TDX Module before tdx1.5, within Ring 0: Hypervisor, potentially enabling information disclosure. Documents state an authorized adversary with privileged access and high attack complexity may cause data exposure via local ...
CVE-2025-32007
Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attac...
CVE-2025-30513
CVE-2025-30513 describes a race condition in a TDX Module operating in Ring 0 that may enable local privilege escalation. The vulnerability could impact confidentiality and integrity (high) with no availability impact, via a local attack requiring high privileges and no user interaction, and with...
CVE-2025-27940
Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...
CVE-2025-27572
CVE-2025-27572 is an information-disclosure vulnerability in some Intel® Trust Domain Extensions (TDX) modules. A privileged, highly capable attacker with local access could trigger data exposure during transient execution in Ring 0 of the hypervisor. The impact is confined to confidentiality (hi...
CVE-2025-27572
Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access...
CVE-2025-25058
CVE-2025-25058 affects Intel Ethernet 800-Series kernel-mode drivers in VMware ESXi: improper initialization may allow information disclosure. A local, low-complexity attack by an authenticated unprivileged user could expose data. Vulnerable on ESXi 8.0 (before 2.2.2.0) and ESXi 9.0 (before 2.2.3...
PT-2026-7440
Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity...
PT-2026-7294
Name of the Vulnerable Software and Affected Versions versions prior to 2025-27572 Description A hypervisor may allow an information disclosure. An authorized adversary with a privileged user and a high complexity attack may enable data exposure. This may occur via local access when attack...