CVE-2025-32467

Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

CVE-2025-32007

Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attac...

CVE-2025-27572

Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access...

CVE-2025-32467

The CVE-2025-32467 entry concerns use of an uninitialized variable in some TDX Module before tdx1.5, within Ring 0: Hypervisor, potentially enabling information disclosure. Documents state an authorized adversary with privileged access and high attack complexity may cause data exposure via local ...

CVE-2025-32467

Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

CVE-2025-32007

Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attac...

CVE-2025-30513

CVE-2025-30513 describes a race condition in a TDX Module operating in Ring 0 that may enable local privilege escalation. The vulnerability could impact confidentiality and integrity (high) with no availability impact, via a local attack requiring high privileges and no user interaction, and with...

CVE-2025-27940

Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

CVE-2025-27572

CVE-2025-27572 is an information-disclosure vulnerability in some Intel® Trust Domain Extensions (TDX) modules. A privileged, highly capable attacker with local access could trigger data exposure during transient execution in Ring 0 of the hypervisor. The impact is confined to confidentiality (hi...

CVE-2025-27572

Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access...

CVE-2025-25058

CVE-2025-25058 affects Intel Ethernet 800-Series kernel-mode drivers in VMware ESXi: improper initialization may allow information disclosure. A local, low-complexity attack by an authenticated unprivileged user could expose data. Vulnerable on ESXi 8.0 (before 2.2.2.0) and ESXi 9.0 (before 2.2.3...

PT-2026-7440

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity...

PT-2026-7294

Name of the Vulnerable Software and Affected Versions versions prior to 2025-27572 Description A hypervisor may allow an information disclosure. An authorized adversary with a privileged user and a high complexity attack may enable data exposure. This may occur via local access when attack...

PT-2026-7445

A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity...

PT-2026-7301

Name of the Vulnerable Software and Affected Versions TDX Module versions prior to tdx1.5 Description A race condition exists within the hypervisor in Ring 0 for some TDX Module versions prior to tdx1.5, potentially leading to a denial of service. An authorized adversary with privileged user...

PT-2026-7303

Name of the Vulnerable Software and Affected Versions TDX versions prior to 1.5.24 Description An out-of-bounds read issue exists within the hypervisor component of TDX. A privileged adversary with a low complexity attack may be able to cause information disclosure. This issue may occur via local...

KB5077179: Windows 11 Version 26H1 Security Update (February 2026)

The remote Windows host is missing security update 5077179. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Access of resource using incompatible...

PT-2026-7296

Name of the Vulnerable Software and Affected Versions TDX Module versions prior to tdx1.5 Description An out-of-bounds read issue exists within the hypervisor in some TDX Module versions prior to tdx1.5 when operating in Ring 0. A software side channel adversary with a privileged user, combined...

PT-2026-7448

Name of the Vulnerable Software and Affected Versions AMD Secure Encrypted Virtualization SEV firmware affected versions not specified Description An access control issue in AMD Secure Encrypted Virtualization SEV firmware may allow a malicious hypervisor to circumvent RMP protections. This could...

CVE-2025-36194

IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 may expose a limited amount of data to a peer partition in specific shared processor configurations during certain operations...