15 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Fixed the issue where the sev_receive_start command failed due to the absence of the decommission step. The current SEV context must be discontinued if binding an ASID fails after a RECEIVE_START. According to AMD’s SEV AP...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013153)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013153 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start. DECOMMISSION the current SEV context if...
New Guidance Released on Microsoft Exchange Server Security Best Practices
Today, CISA, in partnership with the National Security Agency and international cybersecurity partners, released Microsoft Exchange Server Security Best Practices, a guide to help network defenders harden on-premises Exchange servers against exploitation by malicious actors. Threat activity...
GHSA-H4H5-9833-V2P4 Rancher agents can be hijacked by taking over the Rancher Server URL
Impact: A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle (MITM) attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability...
SUSE CVE-2021-47389
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start. DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. Per AMD's SEV API, RECEIVE_START generates a new guest context and thus needs to be paired...
CVE-2021-47389
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start. DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. Per AMD's SEV API, RECEIVE_START generates a new guest context and thus needs to be paired...
CVE-2021-47389
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start. DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. Per AMD's SEV API, RECEIVE_START generates a new guest context and thus needs to be paired...
DEBIAN-CVE-2021-47389
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start. DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. Per AMD's SEV API, RECEIVE_START generates a new guest context and thus needs to be paired...
CVE-2021-47389
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start. DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. Per AMD's SEV API, RECEIVE_START generates a new guest context and thus needs to be paired...
UBUNTU-CVE-2021-47389
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start. DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. Per AMD's SEV API, RECEIVE_START generates a new guest context and thus needs to be paired...
CVE-2021-47389
CVE-2021-47389 is a Linux kernel/KVM SVM issue related to SevReceiveStart and SEV context decommission. The root cause was a missing SEV decommission step when ASID binding fails after RECEIVE_START, which can leak firmware memory and eventually prevent allocating new SEV guest contexts, causing ...
Design/Logic Flaw
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may...
CVE-2022-24714
CVE-2022-24714 affects Icinga Web 2 installations with the IDO writer enabled. The vulnerability stems from using service custom variables in role restrictions, which can allow users with specific roles to access a collection of content, if those roles granted access to hosts via at least one ser...
ProjectPier 0.8.8 SQL Injection / Authentication Bypass / RFI Vulnerabilities
ProjectPier versions 0.8.8 and below suffer from remote file inclusion, authentication bypass, remote shell upload, and remote SQL injection vulnerabilities. "ProjectPier is a Free, Open-Source, PHP application for managing tasks, projects and teams through an intuitive web interface."...
How to Remove PVS Server from a Farm
This article describes how to decommission/remove a Provisioning Services Server from a farm...