Lucene search
K

1798 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.11 views

CVE-2026-34177

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden lxd/project/limits/permissions.go, which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote...

9.1CVSS5.5AI score0.00363EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/31 9:0 p.m.7 views

Malicious Package

Overview @cloudplatform-single-spa/vcenter-virtual-machines is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS5.9AI score
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/31 12:0 a.m.27 views

Formal Verification of Secure Encrypted Virtualization

Trusted execution environments TEEs provide a secure environment for data and code in use, ensuring that they are protected with respect to confidentiality and integrity. Virtual machine VM-based TEEs utilize virtualization technology to create isolated execution spaces that can support a complet...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/30 12:0 a.m.21 views

NICE: A Framework for Declarative and Machine-Checkable Vulnerability Reproduction

Reproducing software vulnerabilities is fundamental to security researchers, open-source maintainers, and educators. Yet, vulnerabilities remain hard to reproduce today, and even when they can be reproduced, recreating a software environment where the vulnerability can be exploited becomes harder...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/29 2:4 p.m.15 views

CVE-2025-35979

A flaw was found in the kernel. This vulnerability, affecting some IntelR Processors, involves shared microarchitectural predictor state that influences transient execution within VMX non-root guest operation. An unprivileged software adversary with an authenticated user can exploit this locally ...

6.8CVSS5.7AI score0.00096EPSS
Exploits0References4
Fedora
Fedora
added 2026/05/28 1:13 a.m.14 views

[SECURITY] Fedora 44 Update: xen-4.21.1-3.fc44

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

7.3CVSS5.8AI score0.00258EPSS
Exploits0
Fedora
Fedora
added 2026/05/28 12:48 a.m.13 views

[SECURITY] Fedora 43 Update: xen-4.20.3-3.fc43

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

7.3CVSS5.8AI score0.00258EPSS
Exploits0
Fedora
Fedora
added 2026/05/27 1:27 a.m.15 views

[SECURITY] Fedora 43 Update: rust-coreos-installer-0.26.0-2.fc43

coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal machines or, occasionally, to virtual machines...

9.8CVSS5.8AI score0.00412EPSS
Exploits0
Fedora
Fedora
added 2026/05/27 12:53 a.m.14 views

[SECURITY] Fedora 44 Update: rust-coreos-installer-0.26.0-2.fc44

coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal machines or, occasionally, to virtual machines...

9.8CVSS5.8AI score0.00412EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/27 12:0 a.m.10 views

Do You Dare to Try Test-Driven Forensics? Increasing Trust in Desktop Forensics with ADARE

Digital forensic relies on validated tools and established procedures, yet the underlying operating systems, applications, and analysis tools evolve rapidly. This evolution can cause artifact behavior and tool outputs to drift, silently degrading repeatability and confidence in long-lived forensi...

5.8AI score
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.15 views

ROS-20260524-73-0006

A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...

5.3CVSS7.2AI score0.0028EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in OVN

A flaw was discovered in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations that are configured with a logical switch equipped with DNS records. This occurs if the same switch has any egress ACLs configured. This issue can...

8.1CVSS6.8AI score0.00832EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A issue was discovered in the x86 KVM subsystem of the Linux kernel before version 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...

7.8CVSS6.7AI score0.00323EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus – Track the decryption status in vmbusgpadl. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the shared memory being...

8.1CVSS6.2AI score0.00915EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 9:12 a.m.14 views

Moderate: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS6.6AI score0.01744EPSS
Exploits0References6
OSV
OSV
added 2026/05/19 12:0 a.m.7 views

ALSA-2026:18465 Important: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: EDK2: Improper Input Validation allows arbitrary command execution CVE-2025-2296 For more details about the security...

8.4CVSS6AI score0.00669EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

AMD多款产品 安全漏洞

The AMD Instinct MI210, among others, are GPU acceleration cards produced by American semiconductor company AMD. Several AMD products have security vulnerabilities. These vulnerabilities stem from improper cleanup of shared register resources, which may allow attackers with administrator privileg...

4.6CVSS5.8AI score0.00112EPSS
Exploits0References1
Fedora
Fedora
added 2026/05/14 4:3 a.m.12 views

[SECURITY] Fedora 42 Update: xen-4.19.5-2.fc42

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

7.8CVSS5.8AI score0.00191EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/08 12:22 p.m.59 views

CVE-2026-25199 Apache CloudStack: Proxmox Extension Allows Unauthorized Cross-Tenant Instance Access

Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxmox extension for CloudStack improperly uses a user-editable instance setting, proxmoxvmid, to associate...

0.005EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 12:11 p.m.10 views

CVE-2025-66171 Apache CloudStack: Any user can create a new VM from backups they should not have access to

The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is enabled and have access to specific APIs can create new VMs using backups of any other user of the...

5.8AI score0.0053EPSS
Exploits0References1
Rows per page
Query Builder