130 matches found
Exploit for CVE-2003-0201
Kioptrix Level 1: Full-Spectrum Vulnerability Audit & Exploita...
OESA-2025-2766 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.CVE-2024-36357 In the Lin...
kernel: transient execution vulnerability in some AMD processors
A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries...
kernel: transient execution vulnerability in some AMD processors
A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries...
KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O
...
CVE-2025-40026
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...
EUVD-2025-36441
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...
CVE-2025-40026 KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...
CVE-2025-40026
The CVE-2025-40026 entry concerns the Linux kernel KVM on x86. The issue arises when completing userspace I/O emulation: KVM should not recheck L1 intercepts because it has already completed that phase, but if the I/O permission bitmaps are modified during the exit to userspace, KVM may treat the...
CVE-2025-40026
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the completion of user-space IO without rechecking L1 interception, which could lead to incorrect IO access...
PT-2025-44392
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc4-00104-g10fd0285305d Description The Linux kernel KVM component contains a flaw where it erroneously allows userspace to pend vCPU events for a vCPU that has not been initialized. This can lead to KVM...
CVE-2025-10696
OpenSupports exposes an endpoint that allows the list of 'supervised users' for any account to be edited, but it does not validate whether the actor is the owner of that list. A Level 1 staff member can modify the supervision relationship of a third party the target user, who can then view the...
CVE-2025-10696 OpenSupports 4.11.0 — Insecure Direct Object Reference in supervised list
OpenSupports exposes an endpoint that allows the list of 'supervised users' for any account to be edited, but it does not validate whether the actor is the owner of that list. A Level 1 staff member can modify the supervision relationship of a third party the target user, who can then view the...
PT-2025-40599
Name of the Vulnerable Software and Affected Versions OpenSupports version 4.11.0 Description The software exposes an endpoint that allows modification of the 'supervised users' list for any account without verifying ownership. This allows a Level 1 staff member to alter the supervision...
kernel: transient execution vulnerability in some AMD processors
A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries...
CVE-2023-53243 btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
In the Linux kernel, the following vulnerability has been resolved: btrfs: add handling for RAID1C23/DUP to btrfsreduceallocprofile Callers of btrfsreduceallocprofile expect it to return exactly one allocation profile flag, and failing to do so may ultimately result in a WARNON and remount-ro whe...
CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly loading the TSC multiplier for L1, which could lead to an error in the calculation of the...