CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

208 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-6.1

Improper initialization of the CPU cache memory could allow a privileged attacker with access to the hypervisor to overwrite the SEV-SNP guest memory, resulting in loss of data integrity...

3.2CVSS5.8AI score0.0003EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel before version 6.9, a trusted-to-non-trusted hypervisor can inject Virtual Interrupt 29 VC at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES...

6.5CVSS6.6AI score0.00045EPSS

Exploits0References2

Vulnrichment•added 2026/05/13 3:3 a.m.•3 views

CVE-2025-61972

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

8.5CVSS6.3AI score0.00017EPSS

Exploits0References1

CVE•added 2026/05/13 3:2 a.m.•11 views

CVE-2025-61971

The CVE-2025-61971 entry concerns missing lock bit protection for NBIO registers in AMD systems, enabling a locally privileged attacker to modify MMIO routing configurations and potentially compromise SEV-SNP guest integrity. Connected sources confirm affected component as NBIO registers and MMIO...

5.9CVSS5.8AI score0.00016EPSS

Exploits0References1

CNNVD•added 2026/05/13 12:0 a.m.•5 views

AMD多款产品安全漏洞

AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. Several AMD products have security vulnerabilities. These vulnerabilities could allow local administrator attackers to modify MMIO routing configurations, potentially leading to loss of SEV-SNP client...

5.9CVSS5.9AI score0.00016EPSS

Exploits0References1

OSV•added 2026/04/24 3:16 p.m.•1 views

DEBIAN-CVE-2026-31593

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU Reject synchronizing vCPU state to its associated VMSA if the vCPU has already been launched, i.e. if the VMSA has already been encrypted. On a host wit...

5.5CVSS5.3AI score0.00015EPSS

Exploits0References1

ATTACKERKB•added 2026/04/24 2:42 p.m.•3 views

CVE-2026-31593

5.2AI score0.00015EPSS

Exploits0References6Affected Software1

Amd•added 2026/04/14 12:0 a.m.•45 views

SEV-SNP Routing Misconfiguration

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54510| A missing lock verification in AMD Secure Processor ASP firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based...

5.9CVSS5.8AI score0.00017EPSS

Exploits1

Cvelist•added 2026/03/26 11:34 p.m.•28 views

CVE-2026-33697 CoCoS attested TLS is vulnerable to relay attacks via extracted ephemeral TLS keys

Cocos AI is a confidential computing system for AI. The current implementation of attested TLS aTLS in CoCoS is vulnerable to a relay attack affecting all versions from v0.4.0 through v0.8.2. This vulnerability is present in both the AMD SEV-SNP and Intel TDX deployment targets supported by CoCoS...

7.5CVSS0.00005EPSS

Exploits0References1

OSV•added 2026/03/26 11:34 p.m.•4 views

CVE-2026-33697 CoCoS attested TLS is vulnerable to relay attacks via extracted ephemeral TLS keys

7.5CVSS5.9AI score0.00005EPSS

Exploits0References3

Positive Technologies•added 2026/03/26 12:0 a.m.•2 views

PT-2026-28509

Name of the Vulnerable Software and Affected Versions Cocos AI versions 0.4.0 through 0.8.2 Description Cocos AI, a confidential computing system for AI, has a weakness in its attested TLS aTLS implementation. This allows for a relay attack where an attacker may be able to extract the ephemeral T...

7.5CVSS6AI score0.00005EPSS

Exploits0References4

OSV•added 2026/03/25 7:13 p.m.•5 views

USN-8126-1 linux-azure-6.8 vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

9.8CVSS7AI score0.03752EPSS

Exploits18References1181

Tenable Nessus•added 2026/03/06 12:0 a.m.•1 views

Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8074-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8074-1 advisory. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory...

9.8CVSS5.9AI score0.00452EPSS

Exploits10References754

OSV•added 2026/03/04 3:48 p.m.•1 views

USN-8074-2 linux-azure-fips vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

9.8CVSS6.8AI score0.00452EPSS

Exploits10References754

Tenable Nessus•added 2026/02/28 12:0 a.m.•5 views

SUSE SLES15 Security Update : snpguest (SUSE-SU-2026:0620-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0620-1 advisory. Update to version 0.10.0. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser...

8.8CVSS6AI score0.00151EPSS

Exploits1References11

OSV•added 2026/02/24 6:57 p.m.•1 views

USN-8052-2 linux-xilinx vulnerabilities

9.8CVSS6.9AI score0.00452EPSS

Exploits8References754