5603 matches found
CVE-2025-59033
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control WDAC policy. Entries that specify only the to-be-signed TBS part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a...
CVE-2025-54091
Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally...
Xen Security Vulnerabilities
Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen, which stems from the...
CVE-2023-31351
Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity...
CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.0.2)
The version of AHV installed on the remote host is prior to AHV-10.3.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.0.2 advisory. - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the...
CVE-2025-59033
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control WDAC policy. Entries that specify only the to-be-signed TBS part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a...
CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
DEBIAN-CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
UBUNTU-CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
CVE-2024-36331
CVE-2024-36331 is an issue in the Linux kernel affecting SEV-SNP memory integrity when a privileged attacker with hypervisor access can exploit improper CPU cache initialization to overwrite guest memory. Public sources in connected docs (Ubuntu USN advisories USN-7880-1, USN-7879-1, USN-7934-1; ...
CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
CVE-2023-31351
Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity...
CVE-2023-31351
Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity...
CVE-2023-31351
Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity...
CVE-2023-31351
CVE-2023-31351 involves AMD IOMMU restrictions allowing a malicious hypervisor to access guest private memory, risking integrity loss on affected AMD EPYC/server platforms. Documents confirm this is tied to IOMMU operations and that mitigations are provided via Platform Initialization (PI) firmwa...
PT-2025-36382
Name of the Vulnerable Software and Affected Versions: versions prior to 12.0 Hotfix 91155 Description: Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory, resulting in a loss of integrity. Recommendations: At the moment, there is no...
FuzzBox: Blending Fuzzing into Emulation for Binary-Only Embedded Targets
Coverage-guided fuzzing has been widely applied to address zero-day vulnerabilities in general-purpose software and operating systems. This approach relies on instrumenting the target code at compile time. However, applying it to industrial systems remains challenging, due to proprietary and...