Lucene search
K

4482 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.12 views

CVE-2024-36332

Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...

6.8CVSS5.5AI score0.00105EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 4:10 a.m.5 views

MINI-VM4W-CVQ5-V5FG

Bulletin has no description...

7.5CVSS5.7AI score0.01228EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:10 a.m.8 views

CVE-2026-41858

Weak Randomness / Insecure Cryptographic Primitive CWE-338 in Get-RandomPassword in BOSH-Ecosystem / windows-utilities-release allows a network attacker to estimate VM boot time and reconstruct a small candidate list to recover the Administrator password. The randomizepassword job exists solely t...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.14 views

PT-2026-46132

Weak Randomness / Insecure Cryptographic Primitive CWE-338 in Get-RandomPassword in BOSH-Ecosystem / windows-utilities-release allows a network attacker to estimate VM boot time and reconstruct a small candidate list to recover the Administrator password. The randomize password job exists solely ...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/03 12:30 a.m.11 views

EUVD-2026-34033

Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0...

8.2CVSS5.7AI score0.00115EPSS
Exploits0References2
NVD
NVD
added 2026/06/02 10:16 p.m.16 views

CVE-2026-8936

Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0...

8.2CVSS0.00115EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 9:9 p.m.8 views

CVE-2026-8936

Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0...

8.2CVSS5.7AI score0.00115EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.8 views

Dstack-Capsule: Pod-Level Remote Attestation for Confidential Workloads on Kubernetes

The rise of LLM-as-a-Service and other confidential cloud workloads demands cryptographic proof that user data is processed in a trusted, untampered environment. Existing solutions, notably Confidential Containers CoCo, enforce a strict "one Pod per VM" model that attests only the Guest OS stack,...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

OpenTelemetry eBPF Instrumentation 安全漏洞

OpenTelemetry eBPF Instrumentation is an open-source eBPF-based lightweight telemetry data collection tool developed by OpenTelemetry. Versions of OpenTelemetry eBPF Instrumentation prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of a custom...

5.5CVSS5.4AI score0.00161EPSS
Exploits1References2
NVD
NVD
added 2026/06/01 1:16 p.m.24 views

CVE-2026-34193

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

4.3CVSS0.00143EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 11:14 a.m.26 views

CVE-2026-34193

CVE-2026-34193 affects kernel software running inside a Guest/Host VM that can post improper commands to the GPU firmware. A logic error in address translation enables a compromised Host (Kernel) to perform arbitrary writes to firmware memory, potentially impacting data integrity by writing beyon...

4.3CVSS5.9AI score0.00143EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.18 views

PT-2026-45409

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

4.3CVSS5.9AI score0.00143EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/29 6:20 p.m.6 views

org.webjars.npm:degenerator (=4.0.4), org.webjars.npm:pac-resolver (=6.0.2) +1 more potentially affected by CVE-2026-47141 via org.webjars.npm:vm2 (=3.9.19)

org.webjars.npm:vm2 MAVEN version =3.9.19 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:vm2 and may be impacted: - org.webjars.npm:degenerator =4.0.4 - org.webjars.npm:pac-resolver =6.0.2 - org.webjars.npm:rocket.chatapps-engine =1.35...

6.9CVSS5.5AI score0.00308EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/05/29 5:51 p.m.18 views

vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass

Summary A sandbox escape vulnerability in vm2 allows arbitrary code execution in the host process when untrusted code is executed with async support on runtimes exposing WebAssembly JSPI WebAssembly.promising / WebAssembly.Suspending. In the tested configuration, a JSPI-backed Promise can reach...

9.8CVSS6.4AI score0.00507EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/29 5:40 p.m.12 views

GHSA-76W7-J9CQ-RX2J vm2 is Vulnerable to Sandbox Breakout Through Promise Species

Summary VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. Details The localPromise constructor was changed to call this.thenundefined, eater to ensure a rejected promise i...

10CVSS6.5AI score0.0051EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:3 a.m.8 views

KVM: x86: check for nEPT/nNPT in slow flush hypercalls

...

5.5CVSS5.4AI score0.00127EPSS
Exploits0
NVD
NVD
added 2026/05/28 2:16 p.m.22 views

CVE-2026-49238

An issue was discovered in Canonical Multipass before version 1.16.3. The host-side SFTP server component sshfsserver, which executes with root privileges on the host, contains a path containment bypass vulnerability within its validatepath function in src/sshfsmount/sftpserver.cpp. The function...

8.4CVSS0.00505EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 1:22 p.m.15 views

CVE-2026-49238

An issue was discovered in Canonical Multipass before version 1.16.3. The host-side SFTP server component sshfsserver, which executes with root privileges on the host, contains a path containment bypass vulnerability within its validatepath function in src/sshfsmount/sftpserver.cpp. The function...

8.4CVSS6AI score0.00505EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/28 1:22 p.m.13 views

EUVD-2026-32899

An issue was discovered in Canonical Multipass before version 1.16.3. The host-side SFTP server component sshfsserver, which executes with root privileges on the host, contains a path containment bypass vulnerability within its validatepath function in src/sshfsmount/sftpserver.cpp. The function...

8.4CVSS6AI score0.00505EPSS
Exploits1References1
OSV
OSV
added 2026/05/28 10:16 a.m.23 views

UBUNTU-CVE-2026-46147

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix pin leak and publication ordering in pkvminitvcpu Two bugs exist in the vCPU initialisation path: 1. If a check fails after hyppinsharedmem succeeds, the cleanup path jumps to 'unlock' without calling unpinhostvcp...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References6
Rows per page
Query Builder