Lucene search
K

2186 matches found

Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-53657 Lima: An arbitrary user in a QEMU VM could gain the root privilege in the VM via the guest agent socket

Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to 2.1.3, on an instance of Lima running with the qemu driver, an arbitrary user in the VM could access /run/lima-guestagent.sock when the guest agent is enabled, which could result in running arbitrary comman...

8.2CVSS0.00197EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:7 a.m.8 views

SUSE CVE-2026-53277

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

8.8CVSS5.8AI score0.00114EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53277

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

8.8CVSS0.00114EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.8 views

UBUNTU-CVE-2026-53277

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

8.9CVSS5.7AI score0.00114EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/25 8:40 a.m.7 views

CVE-2026-53277

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

8.8CVSS5.6AI score0.00114EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:40 a.m.7 views

CVE-2026-53277

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

5.6AI score0.00114EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/25 8:40 a.m.8 views

EUVD-2026-39228

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

5.7AI score0.00114EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:40 a.m.27 views

CVE-2026-53277

CVE-2026-53277 – Linux kernel (arm64 KVM) : A flaw where certain page-table walk operations (walk_s1 and kvm_walk_nested_s2) did not acquire the Sleepable RCU lock (SRCU) via kvm->srcu, risking memslot changes and potential instability during fault injection and Address Translation emulation. ...

8.8CVSS5.7AI score0.00114EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/06/25 8:40 a.m.4 views

CVE-2026-53277 KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

8.8CVSS5.8AI score0.00114EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/25 8:40 a.m.32 views

CVE-2026-53277 KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

8.8CVSS0.00114EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52372

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the arm64 KVM implementation, the functions walk s1 and kvm walk nested s2 require the kvm-srcu lock to be held to prevent issues during memslot changes. However, kvm at s12 and kvm...

8.9CVSS6.1AI score0.00114EPSS
Exploits0References22
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: macintosh/machid: fixed a race condition in machidtoggleemumouse The following warning appears when running syzkaller, and this issue also exists in the mainline code. ------------ Cut here ------------ listadd double add:...

6.1AI score0.00165EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.3 views

Siemens RuggedCom Rox Use After Free (CVE-2023-3019)

A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. This plugin only works with Tenable.ot. Please visit...

6.5CVSS6.7AI score0.00315EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 6:30 p.m.12 views

EUVD-2026-35454

Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...

7.3CVSS5.6AI score0.00289EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 5:17 p.m.15 views

CVE-2026-0419

Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...

8CVSS0.00289EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.33 views

CVE-2026-0419 Insufficient input validation vulnerability in NETGEAR JR6150

Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...

7.3CVSS0.00289EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 3:50 p.m.25 views

CVE-2026-0419

CVE-2026-0419 describes insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router, 802.11ac, dual-band; released 2014) that allows users on the local Wi‑Fi to execute operating system commands. The device is End-of-Support since 2018 with no planned security updates. The advisory notes t...

8CVSS5.6AI score0.00289EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/09 3:50 p.m.32 views

CVE-2026-0412

CVE-2026-0412 relates to the NETGEAR JR6150 Web UI and is described as an insufficient input validation vulnerability. The affected device is the NETGEAR JR6150 (AC750 WiFi Router, 2014 release) and the description states that administrators connected to the local network can make unauthorized mo...

6.8CVSS5.4AI score0.00153EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.6 views

CVE-2026-0412 Insufficient input validation vulnerability in NETGEAR JR6150 Web UI

Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...

6.8CVSS5.4AI score0.00153EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.32 views

CVE-2026-0412 Insufficient input validation vulnerability in NETGEAR JR6150 Web UI

Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...

6.8CVSS0.00153EPSS
Exploits0References2
Rows per page
Query Builder