Vulnerability of the __vmbus_establish_gpadl() function in the drivers/hv/channel.c module – Microsoft Hyper-V guest mode support driver for Linux operating systems. This driver allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the vmbusestablishgpadl function in the drivers/hv/channel.c module – The Microsoft Hyper-V guest mode support driver for Linux operating systems is vulnerable because it exposes confidential system information due to uncleaned debugging information. Exploitation of this...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Fixed a hang that occurred in the kdump kernel when running on Hyper-V Gen 2 VMs. Hyper-V Gen 2 VMs boot via EFI and have a standard EFI framebuffer device. When the kdump kernel runs in such a VM, loading the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/hyperv: Fixed an address space leak when the Hyper-V DRM device is removed. When a Hyper-V DRM device is probed, the driver allocates MMIO space for the vram and maps it as cacheable. If the device is removed, or if the devic...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86 – Reject Hyper-V’s SENDIPI hypercalls if the local APIC is not part of the kernel. Advertise support for Hyper-V’s SENDIPI and SENDIPIEX hypercalls only if the local API is emulated/virtualized by KVM. Explicitly reje...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2025-21333 Windows Hyper-V NT Kernel Integration VSP Eleva...

Malicious code in @loybung/hyper-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a646dc40194d6a79d5af905b5f0de4abf8ac46c73d1f0659c50454fa2ea9353 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

USN-7513-5 linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

May 27, 2025—KB5061979 (OS Builds 19044.5859 and 19045.5859) Out-of-band

May 27, 2025—KB5061979 OS Builds 19044.5859 and 19045.5859 Out-of-band Support for Windows 10 has ended on October 14, 2025 After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will stil...

May 27, 2025—KB5061978 (OS Build 17763.7322) Out-of-band

May 27, 2025—KB5061978 OS Build 17763.7322 Out-of-band Support for Windows 10 has ended on October 14, 2025 After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work, but we...

May 27, 2025—KB5061977 (OS Build 26100.4066) Out-of-band

May 27, 2025—KB5061977 OS Build 26100.4066 Out-of-band For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview, see the update history page for Windows 11, version24H2. Follow @WindowsUpdate to find out when new...

Ubuntu 24.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-7524-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7524-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

CVE-2024-23741

An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings...

CVE-2024-1191

A vulnerability was found in Hyper CdCatalog 2.3.1. It has been classified as problematic. This affects an unknown part of the component HCF File Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

CVE-2023-41057

hyper-bump-it is a command line tool for updating the version in project files.hyper-bump-it reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched fil...

CVE-2020-1042

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-103...

CVE-2020-1043

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-103...

CVE-2020-6103

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered...

CVE-2020-0918

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka 'Windows Hyper-V Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0917...

CVE-2020-35863

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface...

CVE-2020-1040

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-103...