Lucene search
K

413 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013631 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element...

5.5AI score0.00206EPSS
Exploits0References4
OSV
OSV
added 2026/04/17 3:19 p.m.4 views

JLSEC-2026-140

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...

6.5CVSS5.8AI score0.00523EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007311)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007311 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MM...

6CVSS6.4AI score0.00238EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.15 views

AMD EPYC 安全漏洞

AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. AMD EPYC has a security vulnerability that stems from the lack of lock verification. This vulnerability could allow for modifications to MMIO routes and undermine the integrity of customer systems...

5.9CVSS5.8AI score0.00108EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: openldap (UTSA-2026-007094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007094 advisory. OpenLDAP Lightning Memory-Mapped Database LMDB versions up to and including 0.9.14, prior to commit 8e1fda8, contain a heap buffer underflow in the readline function...

4.6CVSS6AI score0.00127EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/06 5:51 p.m.6 views

EUVD-2026-7407

OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp...

6.5CVSS5.9AI score0.00523EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/06 5:51 p.m.5 views

OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp

Summary A heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in ImfContextInit.cpp when parsing a malformed EXR file through a memory-mapped IStream. A signed integer subtraction produces a negative value that is implicitly converted to sizet, resulting in a massive lengt...

6.5CVSS5.9AI score0.00523EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/04/03 6:31 p.m.4 views

EUVD-2026-18732

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

5.7AI score0.00129EPSS
Exploits0References5
OSV
OSV
added 2026/04/03 4:16 p.m.3 views

UBUNTU-CVE-2026-23466

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.5 views

CVE-2026-23466

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/03 3:15 p.m.36 views

CVE-2026-23466 drm/xe: Open-code GGTT MMIO access protection

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

7.8CVSS0.00129EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/04/02 8:1 a.m.7 views

KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE

...

8.4CVSS5.7AI score0.00184EPSS
Exploits0
NVD
NVD
added 2026/04/01 9:16 a.m.5 views

CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

8.1CVSS0.00184EPSS
Exploits0References28
OSV
OSV
added 2026/04/01 9:16 a.m.7 views

UBUNTU-CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

8.1CVSS5.7AI score0.00184EPSS
Exploits0References4
CVE
CVE
added 2026/04/01 8:36 a.m.168 views

CVE-2026-23401

CVE-2026-23401: In the Linux kernel KVM x86/mmu, a race allowed installing an MMIO SPTE without first zapping an existing shadow-present SPTE when guest memory writes occurred outside KVM’s scope. This could enable a guest‑memory–related fault to leave a shadow SPTE intact when an MMIO SPTE is in...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References28Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.8 views

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50170)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50170 advisory. 6.12.0-200.74.27.1 - KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE Sean Christopherson Orabug: 39071315 Tenable has extract...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/11 1:14 a.m.4 views

kernel: x86/tdx: Fix "in-kernel MMIO" check

A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation...

7.8CVSS7.2AI score0.00247EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/09 9:38 a.m.7 views

kernel: x86/tdx: Fix "in-kernel MMIO" check

A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation...

7.8CVSS7.2AI score0.00247EPSS
Exploits0References5
OSV
OSV
added 2026/02/28 12:44 p.m.8 views

OESA-2026-1428 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

4.6CVSS6AI score0.00127EPSS
Exploits0References2
OSV
OSV
added 2026/02/28 12:44 p.m.7 views

OESA-2026-1426 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

4.6CVSS6AI score0.00127EPSS
Exploits0References2
Rows per page
Query Builder