Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

84 matches found

Xen Project
Xen Projectadded 2026/01/27 12:0 p.m.5 views

varstored: TOCTOU issues with mapped guest memory

ISSUE DESCRIPTION varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the...

6.4AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2026/01/13 12:0 a.m.3 views

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.8.el7.AXS7 (AXSA:2025-9625:10)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9625:10 advisory. media: edia: dvbdev: fix a use-after-free CVE-2024-27043 btrfs: dev-replace: properly validate device names CVE-2024-26791 KVM: nSVM: Ignore nCR34:0...

7.8CVSS6.2AI score0.00014EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-15344

Malware in sbrugna...

5.5CVSS7.1AI score0.00045EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2013-4253

Malware in sbrugna...

4.4CVSS6AI score0.00082EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2015-2841

Malware in sbrugna...

7.1CVSS8.2AI score0.01427EPSS
Exploits0References12
OSV
OSVadded 2024/12/19 12:15 p.m.1 views

ALPINE-CVE-2024-45819

PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...

5.5CVSS6.7AI score0.00103EPSS
Exploits0References1
OSV
OSVadded 2024/12/19 12:15 p.m.0 views

UBUNTU-CVE-2024-45819

PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...

5.5CVSS5.8AI score0.00103EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2024/11/13 3:55 a.m.1 views

SUSE CVE-2024-45819

PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...

5.5CVSS6.7AI score0.00103EPSS
Exploits0References10
Positive Technologies
Positive Technologiesadded 2024/11/12 12:0 a.m.2 views

PT-2024-10469

Name of the Vulnerable Software and Affected Versions Xen affected versions not specified Description The issue is related to the construction of ACPI tables for PVH guests by the toolstack, which involves building the tables in local memory before copying them into guest memory. The excess space...

7.5CVSS7.9AI score0.03118EPSS
Exploits0References114
SUSE CVE
SUSE CVEadded 2023/02/15 5:36 a.m.1 views

SUSE CVE-2013-4371

Use-after-free vulnerability in the libxllistcpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of service heap corruption and crash...

4.4CVSS7.5AI score0.00082EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2023/02/15 5:30 a.m.1 views

SUSE CVE-2014-1950

Use-after-free vulnerability in the xccpupoolgetinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xccpumapalloc function, which allows local users with access to management functions to cause a denial of service heap corrupti...

4.6CVSS6.8AI score0.00083EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2023/02/15 5:20 a.m.1 views

SUSE CVE-2015-2751

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service host lock via unspecified domctl operations...

7.1CVSS6.6AI score0.01427EPSS
Exploits0References10
SUSE CVE
SUSE CVEadded 2023/02/15 5:12 a.m.2 views

SUSE CVE-2015-8341

The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service memory and disk consumption by starting domains...

7.8CVSS6.6AI score0.00539EPSS
Exploits0References10
SUSE CVE
SUSE CVEadded 2023/02/15 3:44 a.m.2 views

SUSE CVE-2021-28687

HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...

5.5CVSS9.3AI score0.00045EPSS
Exploits0References11
SUSE CVE
SUSE CVEadded 2023/02/15 3:23 a.m.2 views

SUSE CVE-2022-42330

Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" e.g. for performing a kexec the libxl based Xen toolstack will normally perform a XSRELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XSRELEASE will have...

5.5CVSS6.9AI score0.00311EPSS
Exploits0References3
OSV
OSVadded 2023/01/26 9:16 p.m.13 views

CVE-2022-42330

Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" e.g. for performing a kexec the libxl based Xen toolstack will normally perform a XSRELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XSRELEASE will have...

7.5CVSS6.8AI score
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2023/01/26 9:16 p.m.4 views

CVE-2022-42330

Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" e.g. for performing a kexec the libxl based Xen toolstack will normally perform a XSRELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XSRELEASE will have...

7.5CVSS5.8AI score0.00311EPSS
Exploits0References3
OSV
OSVadded 2023/01/26 9:16 p.m.1 views

ALPINE-CVE-2022-42330

Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" e.g. for performing a kexec the libxl based Xen toolstack will normally perform a XSRELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XSRELEASE will have...

7.5CVSS6.8AI score0.00311EPSS
Exploits0References1
OSV
OSVadded 2023/01/26 9:16 p.m.1 views

DEBIAN-CVE-2022-42330

Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" e.g. for performing a kexec the libxl based Xen toolstack will normally perform a XSRELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XSRELEASE will have...

7.5CVSS7.6AI score0.00311EPSS
Exploits0References1
Prion
Prionadded 2023/01/26 9:16 p.m.14 views

Design/Logic Flaw

Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" e.g. for performing a kexec the libxl based Xen toolstack will normally perform a XSRELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XSRELEASE will have...

5CVSS7.4AI score0.00311EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder