Lucene search
K

10 matches found

Vulnrichment
Vulnrichment
added 2026/04/09 6:40 p.m.4 views

CVE-2026-34945 Wasmtime leaks host data with 64-bit tables and Winch

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

2.3CVSS5.8AI score0.00324EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 12:0 p.m.3 views

RUSTSEC-2026-0086 Host data leakage with 64-bit tables and Winch

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m9w2-8782-2946 For more information see the GitHub-hosted security advisory...

2.3CVSS5.8AI score0.00324EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2025/12/16 8:58 p.m.8 views

USN-7939-1: Linux kernel (Azure) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7.6AI score0.01345EPSS
Exploits8
Ubuntu
Ubuntu
added 2025/11/10 9:54 a.m.3 views

USN-7862-2: Linux kernel vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS7.4AI score0.00331EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/05/04 11:0 p.m.4 views

CVE-2022-20779

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software NFVIS could allow an attacker to escape from the guest virtual machine VM to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. For more information about these...

9.9CVSS7.5AI score0.10173EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/05/04 11:0 p.m.5 views

CVE-2022-20777

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software NFVIS could allow an attacker to escape from the guest virtual machine VM to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. For more information about these...

9.9CVSS7.5AI score0.1076EPSS
Exploits1References3
OSV
OSV
added 2022/05/04 5:15 p.m.8 views

CVE-2022-20777

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software NFVIS could allow an attacker to escape from the guest virtual machine VM to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. For more information about these...

9.9CVSS5.9AI score0.1076EPSS
Exploits1References2
OSV
OSV
added 2022/05/04 5:15 p.m.8 views

CVE-2022-20780

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software NFVIS could allow an attacker to escape from the guest virtual machine VM to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. For more information about these...

7.4CVSS5.9AI score0.10922EPSS
Exploits1References2
NCSC
NCSC
added 2021/08/26 12:0 a.m.4 views

Vulnerabilities fixed in Xen

Xen's developers have fixed several vulnerabilities in Xen. A local malicious person could exploit the vulnerabilities to cause a denial-of-service, both in the guest system as well as the underlying host. Also, potentially the vulnerabilities could be exploited to obtain sensitive data in memory...

7.8CVSS6.6AI score0.0187EPSS
Exploits0
OSV
OSV
added 2017/10/18 8:29 a.m.4 views

ALPINE-CVE-2017-15589

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS or an arbitrary guest OS because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory...

6.5CVSS6.6AI score0.00407EPSS
Exploits0References1
Rows per page
Query Builder