4224 matches found

OSV
added 2026/01/28 3:39 p.m. | 2 views

SUSE-SU-2026:0328-1 Security update for xen

This update for xen fixes the following issues: Security fixes: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 - CVE-2025-58149: Fixed incorrect removal of permissions on PCI...

CVSS 8.8 | AI score 6 | EPSS 0.004
Exploits: 0 | References: 7
Cvelist
added 2026/01/28 3:33 p.m. | 27 views

CVE-2025-58150 x86: buffer overrun with shadow paging + tracing

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

EPSS 0.00127
Exploits: 0 | References: 1
Vulnrichment
added 2026/01/28 3:33 p.m. | 6 views

CVE-2025-58150 x86: buffer overrun with shadow paging + tracing

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

AI score 6 | EPSS 0.00127
Exploits: 0 | References: 1
Debian CVE
added 2026/01/28 3:33 p.m. | 5 views

CVE-2025-58150

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

CVSS 8.8 | AI score 5.4 | EPSS 0.00127
Exploits: 0
UbuntuCve
added 2026/01/28 12:00 a.m. | 4 views

CVE-2025-58150

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

CVSS 8.8 | AI score 5.9 | EPSS 0.00127
Exploits: 0 | References: 2
OSV
added 2026/01/27 4:16 p.m. | 6 views

AZL-76116 CVE-2025-69419 affecting package edk2 for versions less than 20230301gitf80f052277c8-47

Issue summary: Calling PKCS12_get_friendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

CVSS 7.4 | AI score 7.2 | EPSS 0.00444
Exploits: 1 | References: 1
SUSE Linux
added 2026/01/27 4:15 p.m. | 5 views

Security update for xen

This update for xen fixes the following issues: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 Special Instructions and Notes: Please reboot the system after installing this update...

CVSS 6.8 | AI score 6 | EPSS 0.00129
Exploits: 0 | References: 8
OSV
added 2026/01/27 4:15 p.m. | 2 views

SUSE-SU-2026:0306-1 Security update for xen

This update for xen fixes the following issues: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747...

CVSS 8.8 | AI score 5.9 | EPSS 0.00129
Exploits: 0 | References: 5
OSV
added 2026/01/27 4:14 p.m. | 3 views

SUSE-SU-2026:0304-1 Security update for xen

This update for xen fixes the following issues: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747...

CVSS 8.8 | AI score 6 | EPSS 0.00129
Exploits: 0 | References: 5
SUSE Linux
added 2026/01/27 4:14 p.m. | 4 views

Security update for xen

This update for xen fixes the following issues: Security fixes: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 CVE-2025-58149: Fixed incorrect removal of permissions on PCI device...

CVSS 7 | AI score 6 | EPSS 0.00435
Exploits: 0 | References: 22
OSV
added 2026/01/27 4:14 p.m. | 3 views

SUSE-SU-2026:0303-1 Security update for xen

This update for xen fixes the following issues: Security fixes: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 - CVE-2025-58149: Fixed incorrect removal of permissions on PCI...

CVSS 9.8 | AI score 6 | EPSS 0.00435
Exploits: 0 | References: 12
AlpineLinux
added 2026/01/27 4:01 p.m. | 3 views

CVE-2025-69419

Issue summary: Calling PKCS12_get_friendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

CVSS 7.4 | AI score 6 | EPSS 0.00444
Exploits: 1
UbuntuCve
added 2026/01/27 2:15 p.m. | 6 views

CVE-2026-1484

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...

CVSS 4.2 | AI score 5.9 | EPSS 0.00304
Exploits: 1 | References: 3
OSV
added 2026/01/26 10:48 a.m. | 5 views

CLSA-2026-1769424492 gpsd-minimal: Fix of 2 CVEs

CVE-2025-67268: fix heap-based buffer overrun in NMEA2000 GNSS satellite handling - CVE-2025-67269: fix integer underflow in NAVCOM packet parsing to prevent excessive payload length and CPU-exhaustion...

CVSS 9.8 | AI score 7.4 | EPSS 0.00674
Exploits: 3 | References: 1
Debian
added 2026/01/25 5:47 p.m. | 5 views

[SECURITY] [DLA 4454-1] libuev security update

Debian LTS Advisory DLA-4454-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 25, 2026 https://wiki.debian.org/LTS -...

CVSS 9.8 | AI score 8.1 | EPSS 0.0133
Exploits: 0
Tenable Nessus
added 2026/01/25 12:00 a.m. | 3 views

Debian dla-4454 : libuev-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4454 advisory. Debian LTS Advisory DLA-4454-1 [email protected] https://www.debian.org/lts/security/...

CVSS 9.8 | AI score 5.9 | EPSS 0.0133
Exploits: 0 | References: 4
Tenable Nessus
added 2026/01/22 12:00 a.m. | 2 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-41038)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41038 advisory. - In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun...

CVSS 5.5 | AI score 6.8 | EPSS 0.00274
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/22 12:00 a.m. | 4 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38068)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38068 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer...

CVSS 7.8 | AI score 7.1 | EPSS 0.00154
Exploits: 0 | References: 2
OSV
added 2026/01/20 8:09 a.m. | 10 views

CLSA-2026-1768110920 kernel: Fix of 16 CVEs

crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). CVE-2025-40186 - can:...

CVSS 7.8 | AI score 6 | EPSS 0.21314
Exploits: 0 | References: 1
Redos
added 2026/01/20 12:00 a.m. | 4 views

ROS-20260120-7333

A vulnerability in the child_cfs_rq_on_list function of the kernel/sched/fair.c module of the Linux kernel is related to buffer overruns in memory as a result of incorrect pointer conversion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 7.8 | AI score 7.3 | EPSS 0.00186
Exploits: 0