CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3999 matches found

SUSE CVE•added 2024/06/21 3:37 a.m.•2 views

SUSE CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVMSETVCPUEVENTS or KVMSYNCX86EVENTS. If userspace forces the vCPU out of SMM while...

4.1CVSS6.2AI score0.00032EPSS

Exploits0References8

OSV•added 2024/06/20 12:15 p.m.•3 views

DEBIAN-CVE-2022-48763

5.5CVSS5.1AI score0.00032EPSS

Exploits0References1

NVD•added 2024/06/20 12:15 p.m.•21 views

CVE-2022-48763

5.5CVSS0.00032EPSS

Exploits0References4

OSV•added 2024/06/20 12:15 p.m.•0 views

UBUNTU-CVE-2022-48763

5.5CVSS5.8AI score0.00032EPSS

Exploits0References7

Vulnrichment•added 2024/06/20 11:13 a.m.•30 views

CVE-2022-48763 KVM: x86: Forcibly leave nested virt when SMM state is toggled

6.6AI score0.00032EPSS

Exploits0References4

OSV•added 2024/06/20 11:13 a.m.•15 views

CVE-2022-48763 KVM: x86: Forcibly leave nested virt when SMM state is toggled

5.5CVSS5.8AI score0.00032EPSS

Exploits0References7

CNNVD•added 2024/06/20 12:0 a.m.•1 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a forced departure from the nested virtualizer when the KVM:x86 module switches SMM states...

5.5CVSS6.5AI score0.00032EPSS

Exploits0References7

UbuntuCve•added 2024/06/20 12:0 a.m.•18 views

CVE-2022-48763

5.5CVSS5.9AI score0.00032EPSS

Exploits0References6

Amazon•added 2024/06/12 12:0 a.m.•2 views

Important: kernel

Issue Overview: An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookuprec when...

7.8CVSS6.3AI score0.0004EPSS

Exploits0

RedHat Linux•added 2024/06/10 6:41 p.m.•2 views

sqlparse: parsing heavily nested list leads to denial of service

A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...

7.5CVSS5.7AI score0.10881EPSS

Exploits0References5

RedhatCVE•added 2024/06/03 9:1 a.m.•25 views

CVE-2024-36017

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size of such attribute needs to be at least of sizeofstruct iflavfvlaninf...

4.1CVSS6.2AI score0.00019EPSS

Exploits0References4

OSV•added 2024/05/30 1:15 p.m.•1 views

UBUNTU-CVE-2024-36017

5.5CVSS6.1AI score0.00019EPSS

Exploits0References29

OSV•added 2024/05/30 12:52 p.m.•16 views

CVE-2024-36017 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation

5.5CVSS5.8AI score0.00019EPSS

Exploits0References13

CVE•added 2024/05/30 12:52 p.m.•162 views

CVE-2024-36017

The CVE-2024-36017 entry is valid and has concrete details in connected sources. The vulnerability is in the Linux kernel rtnetlink path: nested IFLA_VF_VLAN_LIST attributes are assumed to be struct ifla_vf_vlan_info (size 14 bytes). Validation used NLA_HDRLEN (4 bytes), enabling a too-small attr...

5.5CVSS6.5AI score0.00019EPSS

Exploits0References10Affected Software1

Amazon•added 2024/05/30 12:0 a.m.•1 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv-len is a multiple of 4, then dstlen / 4 can write past the destination array which leads to stack corruption. This construct is necessary to clean th...

8.1CVSS6.8AI score0.00343EPSS

Exploits1

BDU FSTEC•added 2024/05/28 12:0 a.m.•2 views

The vulnerability of the MPTCP protocol implementation in Linux kernel’s mptcp_copy_inaddrs() function allows a attacker to cause a service failure.

The vulnerability in the implementation of the MPTCP protocol in Linux kernel relates to the assignment of a zero pointer in the function mptcpcopyinaddrs in the net/mptcp/protocol.c module, during the processing of the list of nested threads when disabling them. Exploiting this vulnerability can...

5.5CVSS6.3AI score0.00079EPSS

Exploits0References8Affected Software1

CVE•added 2024/05/24 3:9 p.m.•142 views

CVE-2021-47544

CVE-2021-47544 affects the Linux kernel TCP path, specifically the page frag allocation in sk_page_frag() during a page fault on an mmapped user buffer from CIFS. The nested memory access triggers page-frag modifications that corrupt the TCP stream, observed in HTTP transfers served by Apache ove...

5.9CVSS7.1AI score0.00054EPSS

Exploits0References3Affected Software1

SUSE CVE•added 2024/05/23 3:5 a.m.•1 views

SUSE CVE-2021-47262

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message Use the string machinery provided by the tracing subystem to make a copy of the string literals consumed by the "nested VM-Enter failed" tracepoint. A complet...

7.1CVSS7.9AI score0.00022EPSS

Exploits0References3

RedHat Linux•added 2024/05/22 10:3 a.m.•1 views

hw: amd: Instruction raise #VC exception at exit

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

6.5CVSS6.8AI score0.00045EPSS

Exploits0References6

OSV•added 2024/05/21 3:15 p.m.•2 views

DEBIAN-CVE-2021-47262

7.1CVSS6AI score0.00022EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by