3998 matches found
DEBIAN-CVE-2023-53208
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
UBUNTU-CVE-2023-53208
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
CVE-2023-53208
CVE-2023-53208 : Linux kernel KVM nested virtualization flaw where L1’s TSC multiplier is loaded based on L1 state instead of L2, causing a mismatch that userspace can trigger via MSR writes and guest CPUID changes. The fix ensures L1’s multiplier is loaded when exiting nested VM, preventing the ...
CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
CVE-2025-59375
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...
CVE-2025-10224
Improper Authentication CWE-287 in the LDAP authentication engine in AxxonSoft Axxon One C-Werk 2.0.2 and earlier on Windows allows a remote authenticated user to be denied access or misassigned roles via incorrect evaluation of nested LDAP group memberships during login...
com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError
A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...
CVE-2025-10224
Improper Authentication CWE-287 in the LDAP authentication engine in AxxonSoft Axxon One C-Werk 2.0.2 and earlier on Windows allows a remote authenticated user to be denied access or misassigned roles via incorrect evaluation of nested LDAP group memberships during login...
CVE-2025-10224
Improper Authentication CWE-287 in the LDAP authentication engine in AxxonSoft Axxon One C-Werk 2.0.2 and earlier on Windows allows a remote authenticated user to be denied access or misassigned roles via incorrect evaluation of nested LDAP group memberships during login...
CVE-2025-10224
The CVE-2025-10224 entry concerns AxxonSoft Axxon One (C-Werk) prior to or equal to 2.0.2 on Windows, where the LDAP authentication engine improperly evaluates nested LDAP group memberships. This allows a remote authenticated user to be denied access or receive misassigned roles during login. The...
CVE-2025-10224 Incorrect Evaluation of LDAP Nested Groups during Login in AxxonSoft Axxon One (C-Werk)
Improper Authentication CWE-287 in the LDAP authentication engine in AxxonSoft Axxon One C-Werk 2.0.2 and earlier on Windows allows a remote authenticated user to be denied access or misassigned roles via incorrect evaluation of nested LDAP group memberships during login...
CVE-2025-10224 Incorrect Evaluation of LDAP Nested Groups during Login in AxxonSoft Axxon One (C-Werk)
Improper Authentication CWE-287 in the LDAP authentication engine in AxxonSoft Axxon One C-Werk 2.0.2 and earlier on Windows allows a remote authenticated user to be denied access or misassigned roles via incorrect evaluation of nested LDAP group memberships during login...
PT-2025-37043
Name of the Vulnerable Software and Affected Versions: AxxonSoft Axxon One versions 2.0.2 and earlier Description: The LDAP authentication engine in AxxonSoft Axxon One has an improper authentication issue. A remote authenticated user may be denied access or misassigned roles due to incorrect...
EulerOS 2.0 SP10 : polkit (EulerOS-SA-2025-2108)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This...
EulerOS 2.0 SP10 : polkit (EulerOS-SA-2025-2080)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2025-2021)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
CVE-2024-36331
CVE-2024-36331 is an issue in the Linux kernel affecting SEV-SNP memory integrity when a privileged attacker with hypervisor access can exploit improper CPU cache initialization to overwrite guest memory. Public sources in connected docs (Ubuntu USN advisories USN-7880-1, USN-7879-1, USN-7934-1; ...