Lucene search
K

13 matches found

OSV
OSV
added 2026/07/02 8:29 a.m.4 views

CVE-2026-14336

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith' https://ci.eclipse.org ' in isissuerknown, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...

8.2CVSS6.1AI score0.00321EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38827

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

5.9AI score0.00093EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.10 views

CVE-2026-52959

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

7.8CVSS0.00093EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52959

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

5.8AI score0.00093EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/24 4:28 p.m.14 views

CVE-2026-52959

The CVE-2026-52959 issue affects the Linux kernel SEV guest module. During an extended guest request (SVM_VMGEXIT_EXT_GUEST_REQUEST), get_ext_report() allocates a buffer for a host certificate blob and stores its size in report_req->certs_len. The host may return SNP_GUEST_VMM_ERR_INVALID_LEN ...

7.8CVSS5.9AI score0.00093EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.34 views

CVE-2026-52959 virt: sev-guest: Do not use host-controlled page order in cleanup path

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

7.8CVSS0.00093EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.17 views

PT-2026-51853

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sev-guest component when issuing an extended guest request SVM VMGEXIT EXT GUEST REQUEST. The get ext report function allocates a buffer to retrieve a certificate...

7.8CVSS6AI score0.00093EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.8 views

SUSE CVE-2026-31470

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value quotebuf-outlen that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote...

6.5CVSS5.7AI score0.00125EPSS
Exploits0References20
EUVD
EUVD
added 2026/04/22 3:31 p.m.10 views

EUVD-2026-24820

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value quotebuf-outlen that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote...

5.7AI score0.00125EPSS
Exploits0References5
NVD
NVD
added 2026/04/22 2:16 p.m.9 views

CVE-2026-31470

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value quotebuf-outlen that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote...

7.1CVSS0.00125EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/22 1:53 p.m.32 views

CVE-2026-31470 virt: tdx-guest: Fix handling of host controlled 'quote' buffer length

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value quotebuf-outlen that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote...

7.1CVSS0.00125EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the unvalidated value of quotebuf-outlen controlled by the host. This vulnerability could lead to...

7.1CVSS5.8AI score0.00125EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/09/28 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2021-2549)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.9AI score0.10047EPSS
Exploits2References2
Rows per page
Query Builder