861 matches found

Tenable Nessus
added 2025/08/08 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2021-28039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0...

CVSS 6.5 | AI score 6.8 | EPSS 0.00424
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/08 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47553

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu() To hot unplug a CPU, the idle task on that C...

CVSS 7.8 | AI score 6.1 | EPSS 0.0026
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/07 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-53123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functio...

CVSS 7.8 | AI score 6.2 | EPSS 0.00152
Exploits: 0 | References: 3

RedHat Linux
added 2025/08/06 8:1 a.m., 2 views

kernel: powerpc: Fix access beyond end of drmem array

A flaw was found in the Linux kernel, specifically affecting the PowerPC architecture's pseries memory hotplug functionality. The issue arises from the dlpar_memory_remove_by_index function, which may access memory beyond the bounds of the drmem logical memory block (LMB) array when it fails to find a...

CVSS 7.8 | AI score 6.6 | EPSS 0.00246
Exploits: 0 | References: 5

Ubuntu
added 2025/07/28 10:20 p.m., 7 views

USN-7677-1: cloud-init vulnerabilities

Harry Sintonen discovered that the hotplugd socket in cloud-init was world writable. An attacker could possibly use this issue to send hotplug-hook commands. CVE-2024-11584 It was discovered that cloud-init granted root access to a hardcoded URL with a local IP address when a non-x86 platform is...

CVSS 8.8 | AI score 5.4 | EPSS 0.00205
Exploits: 0

Positive Technologies
added 2025/07/26 12:0 a.m., 2 views

PT-2025-33774

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains race conditions between the PCIe hotplug driver and the EEH driver. These race conditions can lead to kernel oopses during PCIe device unplug events, EEH driv...

CVSS 5.5 | AI score 6 | EPSS 0.00149
Exploits: 0

Microsoft CVE
added 2025/07/11 7:0 a.m., 3 views

hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio

...

CVSS 5.5 | AI score 7 | EPSS 0.00135
Exploits: 0

Microsoft CVE
added 2025/07/11 7:0 a.m., 3 views

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.

...

CVSS 5.9 | AI score 7 | EPSS 0.00122
Exploits: 0

SUSE CVE
added 2025/06/27 12:3 a.m., 1 views

SUSE CVE-2024-11584

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

CVSS 5.9 | AI score 6.6 | EPSS 0.00122
Exploits: 0 | References: 8

AlpineLinux
added 2025/06/26 10:15 a.m., 2 views

CVE-2024-11584

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

CVSS 5.9 | AI score 7.3 | EPSS 0.00122
Exploits: 0 | References: 2

OSV
added 2025/06/26 10:15 a.m., 3 views

AZL-64337 CVE-2024-11584 affecting package cloud-init for versions less than 24.3.1-2

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

CVSS 5.9 | AI score 5.8 | EPSS 0.00122
Exploits: 0 | References: 1

OSV
added 2025/06/26 10:15 a.m., 4 views

DEBIAN-CVE-2024-11584

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

CVSS 5.3 | AI score 5.2 | EPSS 0.00122
Exploits: 0 | References: 1

OSV
added 2025/06/26 10:15 a.m., 2 views

AZL-64371 CVE-2024-11584 affecting package cloud-init for versions less than 23.3-7

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

CVSS 5.9 | AI score 5.7 | EPSS 0.00122
Exploits: 0 | References: 1

Vulnrichment
added 2025/06/26 9:25 a.m., 3 views

CVE-2024-11584

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

CVSS 5.9 | AI score 6.5 | EPSS 0.00122
Exploits: 0 | References: 2

Positive Technologies
added 2025/06/26 12:0 a.m., 3 views

PT-2025-26948

Name of the Vulnerable Software and Affected Versions: cloud-init versions through 25.1.2 Description: The issue concerns the systemd socket unit cloud-init-hotplugd.socket in cloud-init, which has a default SocketMode that grants 0666 permissions, making it world-writable. This affects the...

CVSS 8.8 | AI score 6.2 | EPSS 0.00205
Exploits: 0 | References: 24

AstraLinux
added 2025/06/16 11:28 a.m., 2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: hrtimers: Properly handle CPU state during hotplug events. Consider a scenario where a CPU transitions from CPUHP_ONLINE to CPUHP_HRTIMERS_PREPARE after being hot-unplugged, and then back to CPUHP_ONLINE. Since the...

CVSS 7.8 | AI score 6.5 | EPSS 0.00223
Exploits: 0 | References: 3

AstraLinux
added 2025/06/16 11:28 a.m., 1 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement checks The hot removal of nested PCI hotplug ports involves a long-standing race condition that can lead to a deadlock. A parent hotplug port acquires pci_lock_rescan_remove, then...

CVSS 5.5 | AI score 6.1 | EPSS 0.00167
Exploits: 0 | References: 3

AstraLinux
added 2025/06/16 11:28 a.m., 4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio Commit b15c87263a69 “hwpoison, memory_hotplug: allow hwpoisoned pages to be offline” adds page poisoning checks in do_migrate_range, in order to make offline hwpoison...

CVSS 5.5 | AI score 6.2 | EPSS 0.00135
Exploits: 0 | References: 3

AstraLinux
added 2025/06/16 11:28 a.m., 0 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswap_compress and zswap_decompress, the per-CPU acomp_ctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

CVSS 7.8 | AI score 6.2 | EPSS 0.00191
Exploits: 0 | References: 3

AstraLinux
added 2025/06/16 11:28 a.m., 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed suspicious RCU usage The commit “iommu/vt-d: Allocate DMAR fault interrupts locally” moved the call to enable_drhd_fault_handling to a code path that does not hold any lock while traversing the drhd list. This issu...

CVSS 5.5 | AI score 6.2 | EPSS 0.00174
Exploits: 0 | References: 3