Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

43 matches found

EUVD
EUVDadded 2026/03/30 3:32 p.m.0 views

EUVD-2026-17111

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS6AI score0.00012EPSS
Exploits0References4
NVD
NVDadded 2026/03/30 3:16 p.m.0 views

CVE-2026-5164

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS0.00012EPSS
Exploits0References3
NVD
NVDadded 2026/03/30 3:16 p.m.1 views

CVE-2026-5165

A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...

7.8CVSS0.00013EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/03/30 3:2 p.m.16 views

CVE-2026-5165 Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset

A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...

6.7CVSS0.00013EPSS
Exploits0References3
CVE
CVEadded 2026/03/30 3:2 p.m.6 views

CVE-2026-5165

CVE-2026-5165 affects virtio-win’s VirtIO Block (BLK) device. A reset can mishandle memory, causing a use-after-free that could allow a local attacker to corrupt memory and cause system instability or unexpected behavior. Connected sources corroborate the issue across NVD, Red Hat and other feeds...

7.8CVSS5.8AI score0.00013EPSS
Exploits0References3Affected Software2
Vulnrichment
Vulnrichmentadded 2026/03/30 3:2 p.m.1 views

CVE-2026-5165 Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset

A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...

6.7CVSS5.8AI score0.00013EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/03/30 3:2 p.m.1 views

CVE-2026-5165

A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...

6.7CVSS5.8AI score0.00013EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/30 3:2 p.m.0 views

CVE-2026-5164 Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS6AI score0.00012EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/03/30 3:2 p.m.0 views

CVE-2026-5164

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS6AI score0.00012EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/03/30 3:2 p.m.1 views

CVE-2026-5165

A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...

6.7CVSS5.8AI score0.00013EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/03/30 3:2 p.m.17 views

CVE-2026-5164 Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS0.00012EPSS
Exploits0References3
CVE
CVEadded 2026/03/30 3:2 p.m.8 views

CVE-2026-5164

The CVE-2026-5164 entry describes a vulnerability in virtio-win where the RhelDoUnMap() function fails to properly validate the number of descriptors in an unmap request. This input validation flaw can be exploited by a local user who supplies an excessive number of descriptors, potentially causi...

6.7CVSS6AI score0.00012EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVEadded 2026/03/30 3:2 p.m.0 views

CVE-2026-5164

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS5.9AI score0.00012EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/03/30 12:0 a.m.1 views

PT-2026-29035

Name of the Vulnerable Software and Affected Versions virtio-win affected versions not specified Description A flaw exists in virtio-win where the RhelDoUnMap function inadequately validates the number of descriptors supplied by a user during an unmap request. A local user could exploit this inpu...

6.7CVSS6AI score0.00012EPSS
Exploits0References8
CNNVD
CNNVDadded 2026/03/30 12:0 a.m.2 views

virtio-win 安全漏洞

virtio-win is an open-source virtual machine simulation software developed by virtio-win. virtio-win has a security vulnerability, which stems from improper memory management during the reset of VirtIO Block devices. This vulnerability may lead to reuse of freed resources after release, as well a...

7.8CVSS5.8AI score0.00013EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/03/30 12:0 a.m.2 views

PT-2026-29036

Name of the Vulnerable Software and Affected Versions virtio-win affected versions not specified Description A memory management issue exists in the VirtIO Block BLK device within virtio-win. A reset of the device does not properly handle memory, leading to a use-after-free condition. This could...

7.8CVSS5.9AI score0.00013EPSS
Exploits0References8
CNNVD
CNNVDadded 2026/03/30 12:0 a.m.3 views

virtio-win 安全漏洞

virtio-win is an open-source virtual machine simulation software developed by virtio-win. virtio-win has a security vulnerability; this vulnerability stems from the RhelDoUnMap function not properly verifying the number of descriptors provided by the user, which may lead to buffer overflows and...

6.7CVSS5.9AI score0.00012EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/03/30 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-5164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A loca...

6.7CVSS6AI score0.00012EPSS
Exploits0References2
Rockylinux
Rockylinuxadded 2025/03/17 8:16 p.m.3 views

virtio-win bug fix and enhancement update

An update is available for virtio-win. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM offers a full virtualization solution...

7.4AI score
Exploits0
OSV
OSVadded 2024/09/16 10:50 a.m.15 views

RHBA-2023:2451 Red Hat Bug Fix Advisory: virtio-win bug fix and enhancement update

Bulletin has no description...

7.8CVSS7.6AI score0.00022EPSS
Exploits0References23
Rows per page
Query Builder