CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

Tenable Nessus•added 2025/11/09 12:0 a.m.•4 views

Fedora 42 : xen (2025-ec271ef07b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ec271ef07b advisory. Incorrect removal of permissions on PCI device unplug XSA-476, CVE-2025-58149 ---- x86: Incorrect input sanitisation in Viridian hypercalls XSA-475,...

7.5CVSS5.9AI score0.004EPSS

Exploits0References4

RedhatCVE•added 2025/11/07 7:58 p.m.•4 views

CVE-2025-58147

A flaw was found in Xen. Hypercalls using the HVVPSET Sparse format can cause vpmaskset to write out of bounds when converting the bitmap to Xen's format. A buggy or malicious guest can cause Denial of Service DoS affecting the entire host, information leaks, or elevation of privilege...

7.5CVSS6.1AI score0.00347EPSS

Exploits0References2

EUVD•added 2025/10/31 12:30 p.m.•4 views

EUVD-2025-37344

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...

7.5CVSS6.4AI score0.00347EPSS

Exploits0References2

OSV•added 2025/10/31 12:15 p.m.•3 views

ALPINE-CVE-2025-58148

7.5CVSS7AI score0.00347EPSS

Exploits0References1

NVD•added 2025/10/31 12:15 p.m.•3 views

CVE-2025-58147

7.5CVSS0.00347EPSS

Exploits0References3

OSV•added 2025/10/31 12:15 p.m.•4 views

ALPINE-CVE-2025-58147

7.5CVSS7AI score0.00347EPSS

Exploits0References1

OSV•added 2025/10/31 12:15 p.m.•3 views

CVE-2025-58147

7.5CVSS5.8AI score

Exploits0References3

Cvelist•added 2025/10/31 11:50 a.m.•6 views

CVE-2025-58148 x86: Incorrect input sanitisation in Viridian hypercalls

0.00347EPSS

Exploits0References1

CVE•added 2025/10/31 11:50 a.m.•15 views

CVE-2025-58147

CVE-2025-58147 and CVE-2025-58148 describe Xen hypervisor boundary-checking bugs in Viridian hypercalls. Affected: hypercalls using the HV_VP_SET Sparse format can cause vpmask_set() to write out of bounds when converting bitmaps; any input format can cause send_ipi() to read d->vcpu[] out-of-...

7.5CVSS6.5AI score0.00347EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/10/31 11:50 a.m.•4 views

CVE-2025-58148 x86: Incorrect input sanitisation in Viridian hypercalls

6.5AI score0.00347EPSS

Exploits0References1

Vulnrichment•added 2025/10/31 11:50 a.m.•2 views

CVE-2025-58147 x86: Incorrect input sanitisation in Viridian hypercalls

6.5AI score0.00347EPSS

Exploits0References1

Cvelist•added 2025/10/31 11:50 a.m.•10 views

CVE-2025-58147 x86: Incorrect input sanitisation in Viridian hypercalls

0.00347EPSS

Exploits0References1

CVE•added 2025/10/31 11:50 a.m.•18 views

CVE-2025-58148

Xen hypervisor vulnerability CVE-2025-58148 arises from Viridian hypercalls accepting vCPU ID masks in any input format. The flaw can cause send_ipi() to read d->vcpu[] out-of-bounds and operate on a wild vCPU pointer, enabling out-of-bounds reads/writes. Connected advisories confirm impact on...

7.5CVSS6.5AI score0.00347EPSS

Exploits0References3Affected Software1

Tenable Nessus•added 2025/10/29 12:0 a.m.•2 views

SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2025:3843-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3843-1 advisory. - CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls bsc1251271, XSA-475 - CVE-2025-27466,...

9.8CVSS5.8AI score0.00435EPSS

Exploits0References13

SUSE Linux•added 2025/10/28 4:40 p.m.•4 views

Security update for xen

This update for xen fixes the following issues: CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls bsc1251271, XSA-475 CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface bsc1248807, XSA-472 Patch...

7CVSS7.1AI score0.00435EPSS

Exploits0References14

OSV•added 2025/10/28 4:40 p.m.•2 views

SUSE-SU-2025:3843-1 Security update for xen

This update for xen fixes the following issues: - CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls bsc1251271, XSA-475 - CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface bsc1248807, XSA-472...

9.8CVSS5.8AI score0.00435EPSS

Exploits0References8

Tenable Nessus•added 2025/10/28 12:0 a.m.•3 views

SUSE SLED15: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2025:3798-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3798-1 advisory. - CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls...

9.8CVSS5.8AI score0.00435EPSS

Exploits0References14

Tenable Nessus•added 2025/10/28 12:0 a.m.•4 views

Fedora 43 : xen (2025-22fd93478b)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-22fd93478b advisory. Incorrect removal of permissions on PCI device unplug XSA-476, CVE-2025-58149 ---- x86: Incorrect input sanitisation in Viridian hypercalls XSA-475,...

7.5CVSS5.9AI score0.004EPSS

Exploits0References4

OSV•added 2025/10/27 7:58 a.m.•3 views

SUSE-SU-2025:3798-1 Security update for xen

9.8CVSS7.1AI score0.00435EPSS

Exploits0References9

SUSE Linux•added 2025/10/27 7:58 a.m.•2 views

Security update for xen

7CVSS7AI score0.00435EPSS

Exploits0References14

Rows per page