CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1569 matches found

OpenVAS•added 2023/05/28 12:0 a.m.•18 views

Fedora: Security Advisory for xen (FEDORA-2023-8334fe0ecb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS5AI score0.0007EPSS

Exploits0References2

Fedora•added 2023/05/27 1:18 a.m.•43 views

[SECURITY] Fedora 38 Update: xen-4.17.1-2.fc38

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

3.3CVSS7.1AI score0.0007EPSS

Exploits0

NVD•added 2023/05/23 2:15 p.m.•9 views

CVE-2023-30440

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...

7.9CVSS6.9AI score0.00048EPSS

Exploits0References2

CVE•added 2023/05/23 1:20 p.m.•63 views

CVE-2023-30440

CVE-2023-30440 affects IBM PowerVM Hypervisor across multiple firmware branches (FW860, FW950, FW1010, FW1020, FW1030). The issue allows a local attacker who controls a partition with an SRIOV VF to cause a denial of service to a peer partition or arbitrary data corruption. Root cause details spe...

7.9CVSS6.9AI score0.00048EPSS

Exploits0References2Affected Software1

NVD•added 2023/05/17 1:15 a.m.•33 views

CVE-2022-42336

Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads...

3.3CVSS4AI score0.0007EPSS

Exploits0References3

Debian CVE•added 2023/05/17 12:0 a.m.•35 views

CVE-2022-42336

3.3CVSS6.6AI score0.0007EPSS

Exploits0

Zero Day Initiative•added 2023/05/01 12:0 a.m.•31 views

(Pwn2Own) VMware Workstation UHCI Component Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS6.9AI score0.00051EPSS

Exploits0References1

OpenVAS•added 2023/04/29 12:0 a.m.•23 views

Fedora: Security Advisory for xen (FEDORA-2023-d28433ead1)

7.8CVSS7.7AI score0.00093EPSS

Exploits0References2

Malwarebytes•added 2023/04/28 12:45 a.m.•52 views

Update now: Critical flaw in VMWare Fusion and VMWare Workstation

Four vulnerabilities in virtualisation software have been fixed by VMware, including two which were exploited at the 20223 Pwn2Own contest. Three have been given the severity rating "Important", with the last CVE-2023-20869 is classed as "Critical". Success! @starlabssg used an uninitialized...

7.6AI score0.02177EPSS

Exploits0

Prion•added 2023/04/25 1:15 p.m.•25 views

Design/Logic Flaw

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...

4.3CVSS7.4AI score0.00093EPSS

Exploits0References5Affected Software2

OSV•added 2023/04/25 1:15 p.m.•1 views

UBUNTU-CVE-2022-42335

7.8CVSS7.2AI score0.00093EPSS

Exploits0References7

Xen Project•added 2023/04/25 12:0 p.m.•69 views

x86 shadow paging arbitrary pointer dereference

ISSUE DESCRIPTION In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handling it is possible for a guest...

7.8CVSS6.5AI score0.00093EPSS

Exploits0

Cvelist•added 2023/04/25 12:0 a.m.•20 views

CVE-2022-42335

7.9AI score0.00093EPSS

Exploits0References5

Zero Day Initiative•added 2023/04/24 12:0 a.m.•60 views

(Pwn2Own) Oracle VirtualBox TPM MMIO Handling Stack-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handlin...

8.2CVSS7.7AI score0.09718EPSS

Exploits1References1

Zero Day Initiative•added 2023/04/24 12:0 a.m.•44 views

(Pwn2Own) Oracle VirtualBox GPA Request Handling Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS5.2AI score0.00101EPSS

Exploits0References1

Zero Day Initiative•added 2023/04/24 12:0 a.m.•27 views

(Pwn2Own) Oracle VirtualBox OHCI USB Controller Uninitialized Memory Information Disclosure Vulnerability

6CVSS6.1AI score0.001EPSS

Exploits0References1

Zero Day Initiative•added 2023/04/24 12:0 a.m.•49 views

(Pwn2Own) Oracle VirtualBox OHCI USB Controller Use-After-Free Local Privilege Escalation Vulnerability

8.2CVSS8AI score0.00144EPSS

Exploits0References1

OpenVAS•added 2023/04/07 12:0 a.m.•23 views

Fedora: Security Advisory for xen (FEDORA-2023-04b5338dd0)