Lucene search
K

27 matches found

EUVD
EUVD
added 2026/06/26 3:27 p.m.10 views

EUVD-2026-39788

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...

8.4CVSS5.8AI score0.00209EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/26 3:27 p.m.8 views

CVE-2026-12411

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...

8.4CVSS5.8AI score0.00209EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/06/26 3:27 p.m.19 views

CVE-2026-12411

CVE-2026-12411 concerns Canonical LXD where the devLXDInstancePatchHandler component suffers a broken access control, allowing an untrusted guest to mount, read, and overwrite another guest’s custom storage volume via a crafted device PATCH to /dev/lxd when security.devlxd.management.volumes is e...

9.6CVSS5.8AI score0.00209EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.10 views

PT-2026-52840

Name of the Vulnerable Software and Affected Versions Canonical LXD affected versions not specified Description Broken Access Control in the devLXDInstancePatchHandler component allows an untrusted guest to mount, read, and overwrite the custom storage volume of another guest. This is achieved by...

9.6CVSS5.9AI score0.00209EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001323)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001323 advisory. Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can...

7.7CVSS6.4AI score0.039EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003072)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003072 advisory. Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can...

7.7CVSS6.4AI score0.039EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003429)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003429 advisory. Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can...

7.7CVSS6.4AI score0.039EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 9:53 a.m.9 views

CVE-2020-10565

grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...

7.8CVSS7.6AI score0.0041EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-1787

Malware in sbrugna...

7.7CVSS6.3AI score0.039EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.7 views

EulerOS 2.0 SP11 : dpdk (EulerOS-SA-2025-1154)

According to the versions of the dpdk package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest ...

7.4CVSS7.1AI score0.00551EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/01/09 5:3 p.m.4 views

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

7.4CVSS5.8AI score0.00551EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/13 9:23 p.m.24 views

CVE-2024-0094 CVE

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where an untrusted guest VM can cause improper control of the interaction frequency in the host. A successful exploit of this vulnerability might lead to denial of service...

5.5CVSS0.0015EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:7 p.m.75 views

K35504111: Linux kernel vulnerability CVE-2018-1000026

Security Advisory Description Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitabl...

7.7CVSS6.2AI score0.039EPSS
Exploits0
NVD
NVD
added 2020/03/14 1:15 a.m.16 views

CVE-2020-10565

grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...

7.8CVSS7.9AI score0.0041EPSS
Exploits0References1
Prion
Prion
added 2020/03/14 1:15 a.m.18 views

Design/Logic Flaw

grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...

7.2CVSS7.9AI score0.0041EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/03/13 8:41 p.m.5 views

MGASA-2019-0107 Updated kernel packages fix security vulnerability

This kernel update is based on the upstream 4.14.104 and fixes at least the following security issue: Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware...

7.7CVSS6.6AI score0.039EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/10/30 12:31 p.m.7 views

kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet

Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service DoS attacks via a packet with a gsosize larger than 9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card...

7.7CVSS7.2AI score0.039EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/10/30 12:5 p.m.3 views

kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet

Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service DoS attacks via a packet with a gsosize larger than 9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card...

7.7CVSS7.2AI score0.039EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/10/30 10:4 a.m.3 views

kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet

Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service DoS attacks via a packet with a gsosize larger than 9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card...

7.7CVSS7.2AI score0.039EPSS
Exploits0References4
OSV
OSV
added 2018/02/09 11:29 p.m.6 views

AZL-6517 CVE-2018-1000026 affecting package kernel for versions less than 5.10.78.1-1

Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pa...

7.7CVSS6.6AI score0.039EPSS
Exploits0References1
Rows per page
Query Builder