CVE-2026-1329

A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be...

CVE-2026-1329 Tenda AX1803 WifiGuestSet fromGetWifiGuestBasic stack-based overflow

A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be...

CVE-2026-1329

A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be...

CVE-2025-29943

Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest...

AMD CPU security vulnerabilities

AMD CPUs are a series of CPUs produced by Advanced Microelectronics Devices, Inc. AMD. There are security vulnerabilities in AMD CPUs, which stem from write-condition issues. These vulnerabilities could allow administrators with privileges to modify the CPU’s pipeline configuration, thereby...

EUVD-2021-15368

Malware in sbrugna...

TencentOS Server 3: open-vm-tools (TSSA-2023:0197)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0197 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

USN-7508-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled certain file operations. An attacker in a guest could use this issue to perform insecure file operations and possibly elevate privileges in the guest...

Linux Distros Unpatched Vulnerability : CVE-2024-31146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually...

CVE-2024-31146

When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration cannot really be...

hw: amd: Instruction raise #VC exception at exit

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

hw: amd: Instruction raise #VC exception at exit

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

CVE-2021-20263

A flaw was found in the virtio-fs shared file system daemon virtiofsd of QEMU. The new 'xattrmap' option may cause the 'security.capability' xattr in the guest to not drop on file write, potentially leading to a modified, privileged executable in the guest. In rare circumstances, this flaw could ...

Fedora 29 : 2:qemu / libvirt (2019-0332a96d31) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Define md-clear CPUID bit. Assuming an updated host kernel and microcode, the md-clear bit will be automatically exposed to guests using the QEMU '-cpu host' arg, or libvirt 'host-model' or 'host-passthrough' configurations. Guests using a named CPU model it must be manually updated to add this...

Fedora 26 : 2:qemu (2017-9149114fba)

Fix usb3 drive issues with windows guests bz 1493196 - CVE-2017-15038: 9p: information disclosure when reading extended attributes bz 1499111 - CVE-2017-15268: potential memory exhaustion via websock connection to VNC bz 1496882 - CVE-2017-14167: multiboot OOB access while loading kernel image bz...