x86: Floating Point Divider State Sampling

ISSUE DESCRIPTION Researchers from the CISPA Helmholtz Center for Information Security have discovered Floating Point Divider State Sampling. It is detailed in a paper titled "TREVEX: A Black-Box Detection Framework For Data-Flow Transient Execution Vulnerabilities" For more information, see:...

Booking.com breach gives scammers what they need to target guests

Travel companies love telling you your data is safe. Booking.com just reminded everyone why that's a hard promise to keep. The Amsterdam-based booking giant began notifying customers on April 13 that "unauthorized third parties" had accessed guest reservation data. The compromised information...

Linux Distros Unpatched Vulnerability : CVE-2024-21953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity. CVE-2024-21953...

CVE-2024-21953

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity...

CVE-2024-21953

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity...

CVE-2024-21953

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity...

CVE-2024-21953

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity...

CVE-2024-21953

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity...

PT-2026-7440

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity...

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the orderscontroller parameter. An attacker can access sensitive personal information of guest users, such as names, addresses, and phone numbers, by supplying a valid order ID for a...

CVE-2026-25757

Spree is an open source e-commerce solution built with Ruby on Rails. Prior to versions 5.0.8, 5.1.10, 5.2.7, and 5.3.2, unauthenticated users can view completed guest orders by Order ID. This issue may lead to disclosure of PII of guest users including names, addresses and phone numbers. This...

CVE-2025-58150

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

CVE-2025-58150 x86: buffer overrun with shadow paging + tracing

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

CVE-2025-58150 x86: buffer overrun with shadow paging + tracing

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

CVE-2025-58150

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

CVE-2025-58150

CVE-2025-58150 affects the Xen hypervisor (shadow mode tracing code) where per-CPU variables are written with guest-controlled data. The writes can exceed the destination variable, and bounding is missing, enabling memory corruption. Public advisories (XSA-477) and multiple distro updates (Fedora...

x86: buffer overrun with shadow paging + tracing

ISSUE DESCRIPTION Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing. IMPAC...

CVE-2023-31352

A bug in the SEV firmware may allow an attacker with privileges to read unencrypted memory, potentially resulting in loss of guest private data...

CVE-2025-13193

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414629 advisory. Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which...