12463 matches found
CVE-2025-0031
A use-after-free in the SEV firmware could allow a malicious hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent, potentially resulting in loss of integrity...
UBUNTU-CVE-2025-0031
A use-after-free in the SEV firmware could allow a malicious hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent, potentially resulting in loss of integrity...
CVE-2025-0031
CVE-2025-0031 describes a use-after-free in the AMD SEV firmware that could allow a malicious hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent, potentially resulting in loss of integrity. Affected component: SEV firmware. Root ca...
CVE-2026-25947
Worklenz is a project management tool. Prior to 2.1.7, multiple SQL injection vulnerabilities were discovered in backend SQL query construction affecting project and task management controllers, reporting and financial data endpoints, real-time socket.io handlers, and resource allocatio...
CVE-2026-21236 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
nodejs: Nodejs denial of service
A denial of service flaw has been discovered in NodeJS. A malformed HTTP/2 HEADERS frame with oversized, invalid HPACK data can cause Node.js to crash by triggering an unhandled TLSSocket error ECONNRESET. Instead of safely closing the connection, the process crashes, enabling a remote denial of...
FreeBSD Security Advisory - FreeBSD-SA-26:03.blocklistd
FreeBSD Security Advisory - Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a...
AMD EPYC Processor Security Vulnerability
The AMD EPYC Processor is a series of multi-core processors developed by Advanced Micro Devices, Inc. (AMD). There is a security vulnerability in the AMD EPYC Processor, which stems from the reuse of freed resources. This vulnerability may allow malicious virtual machine monitoring...
PT-2026-7445
A use-after-free in the SEV firmware could allow a malicious hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent, potentially resulting in loss of integrity...
Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-39860)
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen(). syzbot reported the splat below without a repro. In the splat, a single thread calling bt_accept_dequeue() freed sk and touched it after that. The root cause would be the racy...
FreeBSD-SA-26:03.blocklistd
FreeBSD-SA-26:03.blocklistd Security Advisory, The FreeBSD Project. Topic: blocklistd(8) socket leak. Category: core. Module: blocklistd. Announced: 2026-02-10. Affects: FreeBSD...
Oracle Linux 10 : kernel (ELSA-2026-2282)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2282 advisory. - mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). Davide Caratti RHEL-129044 CVE-2025-40133 - vsock/vmci: Clear the vmci transport packet...
FreeBSD -- blocklistd(8) socket leak
Problem Description: Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null...
Remote Code Execution (RCE)
OpenClaw is vulnerable to Remote Code Execution (RCE). The vulnerability is due to automatically using a user-supplied gatewayUrl from the query string to establish a WebSocket connection, which allows an attacker to exfiltrate authentication tokens without user interaction...
CVE-2026-25598
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...
CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...