Lucene search
+L

395 matches found

NVD
NVD
added 2026/05/27 2:17 p.m.16 views

CVE-2026-46076

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

7.9CVSS0.00121EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/27 12:58 p.m.62 views

CVE-2026-46076 KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

7.9CVSS0.00121EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 12:58 p.m.4 views

CVE-2026-46076 KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

7.9CVSS6.6AI score0.00121EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Loads the TSC multiplier of L1 based on L1’s state, not L2’s state. When emulating a nested VM-Exit, the TSC multiplier of L1 is loaded if L1’s desired ratio does not match the current ratio. This does not occur if L1’...

5.5CVSS6AI score0.00143EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/06 7:57 p.m.7 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/06 7:57 p.m.7 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/06 7:57 p.m.24 views

Mezo: ERC-20 bridgeOut burn can be erased by a stale StateDB overwrite leading to full L1 bridge drain

Note: the fixed version of the validator client has been deployed for some time. Impact Potential full drain of L1 bridge without changing bridged balance on Mezo. Brief/Intro A malicious user can steal all ERC-20 tokens locked in the L1 bridge by repeatedly calling the bridgeOut precompile from ...

5.9AI score
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013809)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013809 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of...

5.7AI score0.00241EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.7 views

CVE-2026-27842

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS7.3AI score0.00558EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.3 views

CVE-2026-20892

Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands...

8.6CVSS7.4AI score0.00567EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/11 6:31 a.m.4 views

EUVD-2026-11101

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS7.3AI score0.00558EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/11 6:31 a.m.7 views

EUVD-2026-11087

Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands...

8.6CVSS7.3AI score0.00567EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/11 6:31 a.m.4 views

EUVD-2026-11091

Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access...

9.8CVSS7.3AI score0.00392EPSS
Exploits0References3
NVD
NVD
added 2026/03/11 6:17 a.m.4 views

CVE-2026-20892

Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with administrative privileges to execute arbitrary commands...

8.6CVSS0.00567EPSS
Exploits0References2
NVD
NVD
added 2026/03/11 6:17 a.m.4 views

CVE-2026-27842

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS0.00558EPSS
Exploits0References2
NVD
NVD
added 2026/03/11 6:17 a.m.6 views

CVE-2026-24448

Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access...

9.8CVSS0.00392EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 5:25 a.m.3 views

EUVD-2026-11102

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS7.3AI score0.00558EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/11 5:25 a.m.3 views

CVE-2026-27842

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS5.8AI score0.00558EPSS
Exploits0References2
CVE
CVE
added 2026/03/11 5:25 a.m.11 views

CVE-2026-27842

CVE-2026-27842 affects Micro Research MR-GM5L-S1 and MR-GM5A-L1. The issue is an authentication bypass (CWE-288 per JVNDB) that could let an attacker bypass authentication and change device configuration. Severity is reflected as CRITICAL in multiple sources, with CVSSv3.0/4.0 scores indicating n...

9.8CVSS7.3AI score0.00558EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/11 5:25 a.m.32 views

CVE-2026-27842

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS0.00558EPSS
Exploits0References2
Rows per page
Query Builder