Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2026/05/27 6:50 p.m.9 views

EUVD-2026-32632

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

9.9CVSS5.8AI score0.00062EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/15 2:59 a.m.7 views

EUVD-2024-55589

Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine VM or a process to perform unauthorized access to the register space of the JPEG cores assigned a victim VM/process, potentially gaining arbitrary read/write access to the victim VM/process data...

8.8CVSS5.9AI score0.00012EPSS
Exploits0References1
Snyk
Snykadded 2026/05/07 4:32 a.m.5 views

Improper Isolation or Compartmentalization

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization through the transformer fast-path in the source instrumentation logic. An attacker can...

6.9CVSS5.9AI score0.00049EPSS
Exploits1References2
OSV
OSVadded 2025/11/07 9:8 a.m.2 views

USN-7861-2 linux-realtime, linux-realtime-6.8 vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS6.7AI score0.00135EPSS
Exploits8References5
Ubuntu
Ubuntuadded 2025/11/06 10:5 a.m.2 views

USN-7863-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7.4AI score0.01125EPSS
Exploits8
Positive Technologies
Positive Technologiesadded 2025/08/14 12:0 a.m.6 views

PT-2025-37194

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description VMScape is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. The vulnerability allows a malicious virtual machin...

5.5CVSS8.1AI score0.00039EPSS
Exploits0
GoogleProjectZero
GoogleProjectZeroadded 2023/04/24 12:0 a.m.10 views

Release of a Technical Report into Intel Trust Domain Extensions

Today, members of Google Project Zero and Google Cloud are releasing a report on a security review of Intel's Trust Domain Extensions TDX. TDX is a feature introduced to support Confidential Computing by providing hardware isolation of virtual machine guests at runtime. This isolation is achieved...

7AI score
Exploits0
Rows per page
Query Builder