Lucene search
K

481 matches found

OSV
OSV
added 6 days ago2 views

ALPINE-CVE-2025-58151

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The...

9.4CVSS6.2AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 6 days ago5 views

CVE-2025-58151

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The...

9.4CVSS0.0012EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2025-58151

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The...

9.4CVSS6.2AI score0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago32 views

CVE-2025-58151 varstored: TOCTOU issues with mapped guest memory

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The...

9.4CVSS0.0012EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2025-210447

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The...

9.4CVSS6.2AI score0.0012EPSS
Exploits0References1
CVE
CVE
added 6 days ago18 views

CVE-2025-58151

CVE-2025-58151 affects varstored, a Xen/Xapi component that handles UEFI variables and maps guest memory to OVMF. The vulnerability arises from TOCTOU due to insufficient compiler barriers in the shared buffer, with exploitation depending on compiler-generated code, and the attacker potentially c...

9.4CVSS6.2AI score0.0012EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack t...

5.5CVSS6AI score0.00121EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/29 8:8 a.m.7 views

CVE-2026-53282

A flaw was found in the Linux kernel's kexec functionality, specifically within the purgatory code used by kexec-tools. This vulnerability occurs when the purgatory code attempts to locate a return address on the stack during a non-kjump kexec operation, but the address is not present. This can...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:17 p.m.5 views

UBUNTU-CVE-2026-53282

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a non-kjump kexec. After...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:40 p.m.6 views

CVE-2026-53282

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a non-kjump kexec. After...

5.8AI score0.00121EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/26 7:40 p.m.9 views

EUVD-2026-39887

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a non-kjump kexec. After...

5.8AI score0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 9:32 p.m.16 views

MAL-2026-6403 Malicious code in @kl-dolphin/jump (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b8f3b07b54ef6c2330673267757bff28f45494cbba5f6a71a78115a2a54f10b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 9:32 p.m.7 views

Malicious code in @kl-dolphin/jump (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b8f3b07b54ef6c2330673267757bff28f45494cbba5f6a71a78115a2a54f10b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/16 2:20 a.m.11 views

SUSE CVE-2026-47167

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

5.3CVSS5.8AI score0.00135EPSS
Exploits0References3
NVD
NVD
added 2026/06/11 7:16 p.m.12 views

CVE-2026-47167

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

5.3CVSS0.00135EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/11 6:31 p.m.7 views

CVE-2026-47167

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

5.3CVSS5.8AI score0.00135EPSS
Exploits0References3
OSV
OSV
added 2026/06/07 3:45 p.m.6 views

MINI-JMP9-3VCJ-R445

Bulletin has no description...

6.1CVSS5.2AI score0.00178EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/05/21 6:52 p.m.74 views

rgui-3.4.4-seh-bof-exploit

Exploração de Buffer Overflow SEH Overwrite no RGui 3.4.4...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: The jump labels are called before parseearlyparam is executed. On 64-bit systems, calling jumplabelinit within setupfeaturekeys is too late because static keys may be used in subroutines of parseearlyparam, which in...

5.5CVSS6AI score0.00205EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Handling jset if a & b ... as a jump in CFG computation. BPFJSET is a conditional jump, and currently, verifier.c:canjump does not take this into account. This can lead to incorrect live registers and incorrect SCC Set of...

5.5CVSS5.3AI score0.00134EPSS
Exploits0References2
Rows per page
Query Builder