102 matches found
CVE-2026-42490
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
ALPINE-CVE-2026-42490
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
ALPINE-CVE-2026-42489
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
EUVD-2026-37890
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
CVE-2026-42489
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
CVE-2026-42489
CVE-2026-42489 / 42490 (Xen) : The Xen domctl mechanism used to create/manage guests relies on a system-wide lock whose acquisition lacks fairness. In environments using XSM/Flask, some operations may acquire this lock before permission checks, creating a potential abuse window. Documents do not ...
CVE-2026-42489 domctl lock open to abuse
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
CVE-2026-42490 domctl lock open to abuse
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
domctl lock open to abuse
ISSUE DESCRIPTION To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these operations may not be executed in parallel, so a system-wide lock is used. The way that lock is acquired is,...
Roblox gives predators “powerful tools” to target children, says LA County
Los Angeles County has sued online gaming company Roblox, adding to a series of suits that accuse the virtual worlds platform of misleading parents into thinking it's safe while leaving children exposed to predators and sexually explicit content. The February 19 filing makes LA County the first...
MAL-2025-166166 Malicious code in suharta-poke38 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b6cb9277a092cc6b05e251fa105772a11be7e37711484a2fffdf2f44277c329 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-94444
Malicious code in unfaircardinalz3n npm...
Malicious code in unfair_koala_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e783b2320680db046a170b33210142fc91e99108ba4b7bd941420482db54093 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-73161
Malicious code in unfairmosquitoz3n npm...
EUVD-2025-73163
Malicious code in unfairfinchz3n npm...
EUVD-2025-73162
Malicious code in unfairllamaz3n npm...
MAL-2025-97128 Malicious code in unfair_llama_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e959af7f8d16a9fe66a3cb6de459b5323c822430d5e9f8c192793de9c0c60d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-65732
Malicious code in unfairalpacaz3n npm...
EUVD-2025-65731
Malicious code in unfairturkeyz3n npm...
Malicious code in unfair-salmon-fish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e34b794d12c6beefa8a27caf7d73a74665ff4b2c5219f3a376e6b7c252a385f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...