2180 matches found

Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002746 advisory. A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege (CPL) lev...

CVSS 7.8 | AI score 7.1 | EPSS 0.0047
Exploits: 0 | References: 18

Tenable Nessus
added 2026/01/15 12:0 a.m. | 4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002021)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002021 advisory. Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a...

CVSS 4.7 | AI score 6.4 | EPSS 0.00294
Exploits: 0 | References: 15

Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002853)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002853 advisory. arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service...

CVSS 7.1 | AI score 6.2 | EPSS 0.00421
Exploits: 0 | References: 11

Tenable Nessus
added 2026/01/14 12:0 a.m. | 6 views

MiracleLinux 3 : kernel-2.6.18-8.17AXS3 (AXSA:2008-82:04)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-82:04 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. CVE-2007-5498: The Xen hypervisor block backend driver for Linux...

CVSS 7.8 | AI score 7.1 | EPSS 0.04934
Exploits: 14 | References: 18

Tenable Nessus
added 2026/01/14 12:0 a.m. | 4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001774)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001774 advisory. An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC...

CVSS 7 | AI score 7 | EPSS 0.00693
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/14 12:0 a.m. | 4 views

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.209.AXS4.4 (AXSA:2012-478:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-478:01 advisory. KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines...

CVSS 7.4 | AI score 7.4 | EPSS 0.02258
Exploits: 2 | References: 4

Fedora
added 2026/01/09 5:21 p.m. | 6 views

[SECURITY] Fedora 43 Update: foomuuri-0.31-1.fc43

Foomuuri is a firewall generator for nftables based on the concept of zones. It is suitable for all systems from personal machines to corporate firewalls, and supports advanced features such as a rich rule language, IPv4/IPv6 rule splitting, dynamic DNS lookups, a D-Bus API and FirewallD emulatio...

CVSS 7 | AI score 7 | EPSS 0.00171
Exploits: 0

RedhatCVE
added 2026/01/09 12:28 p.m. | 5 views

CVE-2023-40216

OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences...

CVSS 5.5 | AI score 6.7 | EPSS 0.00137
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 11:19 a.m. | 4 views

CVE-2021-22045

VMware ESXi 7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG, VMware Workstation 16.2.0 and VMware Fusion 12.2.0 contain a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able t...

CVSS 7.8 | AI score 7.2 | EPSS 0.04681
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:49 a.m. | 6 views

CVE-2020-24385

In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel. During binary interaction, td->td_emuldata in sys/compat/linux/linux_emul.h is not getting initialized an...

CVSS 5.5 | AI score 6.8 | EPSS 0.00367
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:1 a.m. | 8 views

CVE-2023-43870

When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...

CVSS 9.8 | AI score 7.4 | EPSS 0.00404
Exploits: 0 | References: 1

Tenable Nessus
added 2026/01/07 12:0 a.m. | 3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000239)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000239 advisory. An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the...

CVSS 6.1 | AI score 7 | EPSS 0.00679
Exploits: 1 | References: 4

RedhatCVE
added 2026/01/01 10:28 p.m. | 12 views

CVE-2025-34469

Cowrie versions prior to 2.9.0 contain a server-side request forgery (SSRF) vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no...

CVSS 7.5 | AI score 7.4 | EPSS 0.00616
Exploits: 1 | References: 1

Positive Technologies
added 2026/01/01 12:0 a.m. | 3 views

PT-2026-27651

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel's ATM LANE (LAN Emulation) module contains a null pointer dereference issue in the lec_arp_clear_vccs function. This flaw occurs when the underlying Virtual Circuit (VCC) is...

CVSS 5.5 | AI score 5.5 | EPSS 0.00125
Exploits: 0 | References: 22

NVD
added 2025/12/31 10:15 p.m. | 4 views

CVE-2025-34469

Cowrie versions prior to 2.9.0 contain a server-side request forgery (SSRF) vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no...

CVSS 7.5 | EPSS 0.00616
Exploits: 1 | References: 5

OSV
added 2025/12/31 10:15 p.m. | 2 views

CVE-2025-34469

Cowrie versions prior to 2.9.0 contain a server-side request forgery (SSRF) vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no...

CVSS 7.5 | AI score 7.4
Exploits: 0 | References: 5

CVE
added 2025/12/31 9:36 p.m. | 22 views

CVE-2025-34469

CVE-2025-34469 affects Cowrie before 2.9.0. In emulated shell mode, the wget and curl commands perform real outbound HTTP requests, enabling unauthenticated attackers to generate unbounded traffic to arbitrary targets. This SSRF can turn the Cowrie honeypot into a denial-of-service amplification ...

CVSS 7.5 | AI score 7.1 | EPSS 0.00616
In wild | Exploits: 1 | References: 5 | Affected Software: 1

EUVD
added 2025/12/31 9:36 p.m. | 6 views

EUVD-2025-204642

Cowrie versions prior to 2.9.0 contain a server-side request forgery (SSRF) vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no...

CVSS 6.9 | AI score 7 | EPSS 0.00616
Exploits: 1 | References: 8

Cvelist
added 2025/12/31 9:36 p.m. | 24 views

CVE-2025-34469 Cowrie < 2.9.0 Unrestricted wget/curl Emulation Enables SSRF-Based DDoS Amplification

Cowrie versions prior to 2.9.0 contain a server-side request forgery (SSRF) vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no...

CVSS 6.9 | EPSS 0.00616
Exploits: 1 | References: 5

Vulnrichment
added 2025/12/31 9:36 p.m. | 1 views

CVE-2025-34469 Cowrie < 2.9.0 Unrestricted wget/curl Emulation Enables SSRF-Based DDoS Amplification

Cowrie versions prior to 2.9.0 contain a server-side request forgery (SSRF) vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no...

CVSS 6.9 | AI score 7.1 | EPSS 0.00616
Exploits: 1 | References: 5