Lucene search
K

4512 matches found

CVE
CVE
added 2026/05/28 9:35 a.m.78 views

CVE-2026-46113

CVE-2026-46113 (Linux kernel KVM x86 shadow paging use-after-free) is a resolved vulnerability in the KVM shadow paging path. The issue arises when the shadow MMU computes GFNs for direct shadow pages using sp->gfn plus the SPTE index and guest page-table modifications between VM entries can c...

8.8CVSS5.7AI score0.00126EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:35 a.m.12 views

CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00126EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:10 a.m.9 views

KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 4:42 a.m.39 views

CVE-2026-9801 Keycloak: keycloak: denial of service via malformed ldap password policy response

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

4.9CVSS0.00476EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/28 4:42 a.m.13 views

CVE-2026-9801 Keycloak: keycloak: denial of service via malformed ldap password policy response

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

4.9CVSS5.8AI score0.00476EPSS
Exploits0References6
Snyk
Snyk
added 2026/05/28 4:18 a.m.7 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the LDAP federation BER decoder. An attacker can cause the Java Virtual Machine to terminate and disrupt service availability by sending a malformed LDAP password-policy response...

6.9CVSS5.5AI score0.00476EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.13 views

SUSE CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.16 views

PT-2026-44376

Name of the Vulnerable Software and Affected Versions Canonical Multipass versions prior to 1.16.3 Description The host-side SFTP server component sshfs server, which runs with root privileges on the host, contains a path containment bypass in the validate path function. This function uses a plai...

8.4CVSS6AI score0.00505EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Canonical Multipass 安全漏洞

Canonical Multipass is a virtual instance of Ubuntu developed by Canonical OpenSource. Versions of Canonical Multipass prior to 1.16.3 contained security vulnerabilities. These vulnerabilities stemmed from the validatepath function in the sshfsserver component, which had a path bypass issue. It...

8.4CVSS5.8AI score0.00505EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.27 views

PT-2026-44236

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the KVM x86 shadow paging mechanism. The shadow MMU calculates Guest Frame Numbers GFNs for direct shadow pages by adding the SPTE index to sp-gfn. This...

8.8CVSS5.9AI score0.00126EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/27 8:9 p.m.10 views

CVE-2026-46071

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM subsystem, specifically affecting its nested virtualization nSVM capabilities. The issue arises from incorrect handling of Virtual Machine Control Block Last Branch Record VMCBLBR data when copied to vmcb12, an operation that...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/27 6:50 p.m.8 views

CVE-2026-45102

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

9.9CVSS5.8AI score0.00266EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 6:50 p.m.11 views

CVE-2026-45102 OneUptime: RCE due to Node.js' vm module escape via error objects and infinite recursion

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

9.9CVSS5.8AI score0.00266EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 6:50 p.m.13 views

EUVD-2026-32632

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

9.9CVSS5.8AI score0.00266EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:17 p.m.16 views

CVE-2026-46076

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

7.9CVSS0.00121EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:17 p.m.10 views

UBUNTU-CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 12:57 p.m.2 views

CVE-2026-46071 KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/27 12:57 p.m.23 views

CVE-2026-46071

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
EUVD
EUVD
added 2026/05/27 12:57 p.m.11 views

EUVD-2026-32453

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined...

5.8AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 12:57 p.m.15 views

EUVD-2026-32441

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRIP when running an L2 with an injected soft interrupt, instead it advances the current RIP before...

5.7AI score0.00121EPSS
Exploits0References3
Rows per page
Query Builder